[Building Sakai] Shibbolizing Sakai
Martin B. Smith
smithmb at ufl.edu
Sat Jan 15 15:49:29 PST 2011
On 1/15/2011 7:17 AM, Natalia Stash wrote:
> Dear all,
>
> I am new to sakai dev list.
> We are trying to shibbolize sakai (v 2.7.0).
> On the sakai start page we have a shibboleth login link
> https://sakai.win.tue.nl/portal/login that redirects to https://sakai.win.tue.nl/sakai-login-tool/
> but we get an error message
> HTTP Status 404 - /sakai-login-tool/.
> The requested resource (/sakai-login-tool/) is not available.
> I looked at the logs, they don't say anything like sakai-login-tool could not be deployed.
> Has anyone had this kind of problem before?
>
> Kind regards,
> Natasha.
Hi Natasha (& all),
We have Sakai configured for Shibboleth, and if that fails, the
/portal/xlogin ('bypass login') is configured for Kerberos. Either way,
do you already have users in Sakai or a Directory Provider than can look
the users up once they authenticate with Shibboleth?
Next, if container.login is true, you should be getting redirected to:
/sakai-login-tool/container (yours is missing 'container').
Then, we protect that URL with Shibboleth using a <Location
/sakai-login-tool/container> stanza in Apache, and make sure REMOTE_USER
is populated there.
Then, Sakai reads the REMOTE_USER value, uses whatever directory
provider you have, and looks for a username with that value.
Hope that helps,
--
Martin B. Smith
smithmb at ufl.edu - (352) 273-1374
CNS/Open Systems Group
University of Florida
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 5497 bytes
Desc: S/MIME Cryptographic Signature
Url : http://collab.sakaiproject.org/pipermail/sakai-dev/attachments/20110115/f4e63ad4/attachment.bin
More information about the sakai-dev
mailing list