[Building Sakai] Shibbolizing Sakai
Simon Gaeremynck
gaeremyncks at gmail.com
Tue Feb 16 02:52:38 PST 2010
Dear all,
We're trying to integrate Sakai with a Shibboleth Idp but we're having some problems getting the Shibboleth attributes out of the request.
Our setup:
We're running Sakai 2.5.5 with apache httpd in front. We're also using mod_shib to handle some of the Shibboleth stuff
Our httpd config [1], relevant sakai properties and we're using the Stockholm patch [2]
When we try to login we are correctly moved to our IdP where we can log in.
We are then redirect to /sakai-login-tool/container where the ShibContainerLogin picks the request up.
The strange thing is that the Shibboleth attributes are not present in the request.
When I go to /Shibboleth.sso/Session the needed attributes are displayed.
I'm fairly sure there is a misconfiguring in our apache config or in some of our servlets.
Anyone who has experienced this kind of behaviour?
Kind regards,
Simon
[1]
NameVirtualHost 192.168.101.132:443
<VirtualHost 192.168.101.132:443>
SSLEngine on
SSLCertificateFile /etc/apache2/ssl/grapple.caret.cam.ac.uk.crt
SSLCertificateKeyFile /etc/apache2/ssl/grapple.caret.cam.ac.uk.key
SSLCertificateChainFile /etc/apache2/ssl/comodo.ca-bundle
<Location "/sakai-login-tool/container">
AuthType shibboleth
ShibRequireSession On
require shibboleth
AllowOverride Options
</Location>
JkMount /* ajp13_worker
JkUnmount /Shibboleth.sso/* ajp13_worker
JkUnmount /shibboleth-sp/* ajp13_worker
JkUnmount /info.php ajp13_worker
DocumentRoot /var/www/
</VirtualHost>
<VirtualHost *:80>
RedirectPermanent / https://grapple.caret.cam.ac.uk
</VirtualHost>
[2] http://devel.it.su.se/pub/jsp/polopoly.jsp?d=2376&a=21472
[3] Sakai properties
login.redirect.url=/index.html
login.use.xlogin.to.relogin=false
container.login=true
container.auth=true
top.login=false
login.text=Shibboleth Login
More information about the sakai-dev
mailing list