How to setup username and password authentication in Shibboleth

Home > Search > How-to
  by

Shibboleth includes a default login page.

 

The $shibboleth_home/conf/login.config file is used to configure the authentication method. For example, let's say you want to authentication to an LDAP server.

ShibUserPassAuth {
   edu.vt.middleware.ldap.jaas.LdapLoginModule required
      ldapUrl="ldap://ldap1.example.com:389 ldap://ldap2.example.com:389"
      baseDn="ou=people,dc=example,dc=com"
      tls="true"
      userFilter="uid={0}";
};

 

By default, the UsernamePassword section of the $shibboleth_home/conf/handler.xml file is commented out. Remove the comments to enable username and password authentication.

<ph:LoginHandler xsi:type="ph:UsernamePassword"
                 jaasConfigurationLocation="file:///opt/shibboleth-idp/conf/login.config">
  <ph:AuthenticationMethod>urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport</ph:AuthenticationMethod>
</ph:LoginHandler>

 



Add a Comment




We will never share your name or email with anyone. Enter your email if you would like to be notified when we respond to your comment.




Please enter in the box below so that we can be sure you are a human.




Comments