To allow authentication using Shibboleth:
- Add /etc/shibboleth/shibboleth2.xml. This can be copied using your Dockerfile if you have one. Or you can overlay it by adding the file to slashRoot/etc/shibboleth/shibboleth2.xml.
- Make sure you've set your entityID correctly in the file.
- Add the entityID for your IdP or configure discovery.
- Update the MetadataProvider section to point to InCommon, another federation, a local file, etc. If you're doing signature validation, you'll need to add that certificate as well. e.g. slashRoot/etc/shibboleth/fedsigner.pem
- Of course you may have other changes per your environment.
- Add your signing and encryption keys to /etc/shibboleth/. The default file names are sp-signing-key.pem, sp-signing-cert.pem, sp-encrypt-key.pem, sp-encrypt-cert.pem. Again this can be overlaid using slashRoot.
- Note that sp-signing-key.pem and sp-encrypt-key.pem are private keys (secrets).
- Make sure shibd has read access to these files in the container.