
by
Jeremy Canfield | Updated September 8th, 2017
Shibboleth includes a default login page.
The $shibboleth_home/conf/login.config file is used to configure the authentication method. For example, let's say you want to authentication to an LDAP server.
ShibUserPassAuth {
edu.vt.middleware.ldap.jaas.LdapLoginModule required
ldapUrl="ldap://ldap1.example.com:389 ldap://ldap2.example.com:389"
baseDn="ou=people,dc=example,dc=com"
tls="true"
userFilter="uid={0}";
};
By default, the UsernamePassword section of the $shibboleth_home/conf/handler.xml file is commented out. Remove the comments to enable username and password authentication.
<ph:LoginHandler xsi:type="ph:UsernamePassword"
jaasConfigurationLocation="file:///opt/shibboleth-idp/conf/login.config">
<ph:AuthenticationMethod>urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport</ph:AuthenticationMethod>
</ph:LoginHandler>