[Building Sakai] Shibbolizing Sakai

Natalia Stash natalia.stash at gmail.com
Thu Jan 20 06:47:11 PST 2011 

Dear all, 

Thank you very much for you help!
We seem to have some progress thanks to your suggestions.
But we had to reinstall shibboleth.
So the current problems are more related to shibboleth than sakai.

Best regards, 
Natasha.

On Jan 17, 2011, at 12:13 AM, Denny wrote:

> Hi Natalia,
> 
> You need to ensure that your shibboleth installation work properly
> without sakai. It seems that it works as
> https://sakai.win.tue.nl/secure/ redirects to your IdP.
> 
> Normally, https://sakai.win.tue.nl/portal/login at the end redirects to
> your IdP or DS. However, this is not the case in your installation. 
> 
> Ensure that /sakai-login-tool/container is protected by Shibboleth in
> your apache configuration
> 
> <Location "/sakai-login-tool/container">
> AuthType shibboleth
> ShibRequireSession On
> require shibboleth
> AllowOverride Options
> </Location>
> 
> Ensure the right shib container login in your sakai-login-tool (web.xml)
>    <servlet>
>        <servlet-name>sakai.login.container</servlet-name>
> <servlet-class>org.sakaiproject.login.tool.ShibContainerLogin</servlet-class>
>        <load-on-startup>1</load-on-startup>
>    </servlet>
> 
> Have you added tomcatAuthentication="false" to your tomcat connector
> (conf/server.xml)?
> 
> Check what attributes are released by the IDP (see transaction.log in
> your shibboleth log directory). Compare that with
> your /etc/shibboleth/shibboleth.xml and the attributes used in
> REMOTE_USER.
> 
> I hope it helps.
> 
> Cheers,
> 
> Denny
> 
> -- 
> Denny
> Systems Developer
> Enterprise Systems
> Division of Information
> Building 3, K Block
> The Australian National University
> Canberra ACT 0200 Australia
> 
> T: +61 2 6125 2427
> 
> CRICOS Provider # 00120C
> 
> 
> On Sat, 2011-01-15 at 18:49 +0100, Natalia Stash wrote:
>> Hi Kevin, 
>> 
>> No, unfortunately this does not help:(
>> 
>> Regards, 
>> Natasha.
>> 
>> On Jan 15, 2011, at 2:36 PM, Kevin P. Foote wrote:
>> 
>>> sakai.properties ?
>>> 
>>> container.login=true
>>> 
>>> ------
>>> thanks
>>> kevin.foote
>>> 
>>> 
>>> On Sat, 15 Jan 2011 13:33:11 +0100
>>> Natalia Stash <natalia.stash at gmail.com> wrote:
>>>> Dear Abdul, Thank you for your quick response!
>>>> Both sakai-login-tool.war and sakai-login-tool directory are present in tomcat/webapps.
>>>> Regards, Natasha.
>>>> On Jan 15, 2011, at 1:25 PM, Abdul khader wrote:
>>>>> Hi,
>>>>> Please check in your tomcat/webapps directory if you have folder by the name "sakai-login-tool". Also, check if you have a file like sakai-login-tool.war, If the file is present but not the folder, it means the app sakai-login-tool is compiled by sakai but not deployed. In case both the file and folder not present, then sakai-login-tool is not compiled by sakai.
>>>>> Hope that helps.
>>>>> Abdul Khader 
> 
>

More information about the sakai-dev mailing list