
...

Note: The examples presented here were tested with Shibboleth IdP software version 2.3.8.

Note 2: In the XML code examples below, the URLs contain an intentional typo: a space between "http" and the colon ":" (i.e., "http :"). The Confluence XML formatter otherwise hides URLs from display, and adding the space works around that. Do not copy the space into your configuration files; the value has to be the assurance URI exactly as written, without the space.

Configuration 1: IdP Always Returns Silver Assurance

...

<!-- In WEB-INF/web.xml -->
 
    <!-- Servlet for doing Username/Password authentication.
         This is the only username/password servlet in this configuration, and
         its authnMethod init-param is set to the InCommon Silver URI, so every
         login handled here is tied to that one value (Configuration 1: the IdP
         always returns Silver).
         NOTE(review): the setting is per servlet, not per user. Confirm that
         every account able to log in through this servlet actually meets the
         Silver requirements before using this variant. -->
    <servlet>
        <servlet-name>UsernamePasswordAuthHandler</servlet-name>
        <servlet-class>edu.internet2.middleware.shibboleth.idp.authn.provider.UsernamePasswordLoginServlet</servlet-class>
        <load-on-startup>3</load-on-startup>
        <init-param>
            <!-- presumably the authentication method this servlet reports after a successful login; verify against the servlet's documentation -->
            <param-name>authnMethod</param-name>
            <!-- "http :" carries a deliberate space added for display on this page; remove the space in a real web.xml -->
            <param-value>http ://id.incommon.org/assurance/silver</param-value>
        </init-param>
    </servlet>

...

<!-- In conf/handler.xml -->

    <!-- Username/password login handler.
         One handler is registered for two authentication methods: the InCommon
         Silver URI and the SAML 2.0 PasswordProtectedTransport class. Both are
         served by the same handler and the same JAAS configuration file.
         The ph: and xsi: prefixes are declared elsewhere in handler.xml (not
         shown in this fragment). -->
    <ph:LoginHandler xsi:type="ph:UsernamePassword"
                     jaasConfigurationLocation="file:///opt/shibboleth-idp/conf/login.config">
        <!-- "http :" carries a deliberate space added for display on this page; remove the space in a real handler.xml -->
        <ph:AuthenticationMethod>http ://id.incommon.org/assurance/silver</ph:AuthenticationMethod>
        <ph:AuthenticationMethod>urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport</ph:AuthenticationMethod>
    </ph:LoginHandler>

...

<!-- In WEB-INF/web.xml -->

    <!-- Servlet for doing Username/Password authentication.
         No authnMethod init-param is set here, so this instance does not carry
         the Silver URI; which method it reports by default is not shown in
         this fragment. -->
    <servlet>
        <servlet-name>UsernamePasswordAuthHandler</servlet-name>
        <servlet-class>edu.internet2.middleware.shibboleth.idp.authn.provider.UsernamePasswordLoginServlet</servlet-class>
        <load-on-startup>3</load-on-startup>
    </servlet>

    <!-- Regular username/password logins are served at this path. -->
    <servlet-mapping>
        <servlet-name>UsernamePasswordAuthHandler</servlet-name>
        <url-pattern>/Authn/UserPassword</url-pattern>
    </servlet-mapping>

    <!-- Servlet for doing Username/Password Silver authentication.
         Second instance of the same servlet class as above; the only
         difference in this file is the authnMethod init-param and the URL it
         is mapped to.
         NOTE(review): nothing in this fragment limits who may use the Silver
         path. Confirm where Silver eligibility of the user is enforced. -->
    <servlet>
        <servlet-name>UsernamePasswordSilverAuthHandler</servlet-name>
        <servlet-class>edu.internet2.middleware.shibboleth.idp.authn.provider.UsernamePasswordLoginServlet</servlet-class>
        <load-on-startup>3</load-on-startup>
        <init-param>
          <param-name>authnMethod</param-name>
          <!-- "http :" carries a deliberate space added for display on this page; remove the space in a real web.xml -->
          <param-value>http ://id.incommon.org/assurance/silver</param-value>
        </init-param>
    </servlet>

    <!-- Silver logins are served at a separate path; the Silver login handler
         in conf/handler.xml has to point at this same path. -->
    <servlet-mapping>
        <servlet-name>UsernamePasswordSilverAuthHandler</servlet-name>
        <url-pattern>/Authn/UserPasswordSilver</url-pattern>
    </servlet-mapping>

...

<!-- In conf/handler.xml -->

    <!-- Username/password login handler.
         Registered for PasswordProtectedTransport only. No
         authenticationServletURL is given, so the handler's default servlet
         path applies (presumably /Authn/UserPassword; verify against the
         handler documentation). -->
    <ph:LoginHandler xsi:type="ph:UsernamePassword"
                     jaasConfigurationLocation="file:///opt/shibboleth-idp/conf/login.config">
        <ph:AuthenticationMethod>urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport</ph:AuthenticationMethod>
    </ph:LoginHandler>

    <!-- Username/password Silver login handler.
         Registered for the InCommon Silver URI and sent to the servlet mapped
         at /Authn/UserPasswordSilver in WEB-INF/web.xml.
         NOTE(review): this handler uses the same login.config as the regular
         handler above, so as far as this fragment shows the credential check
         is identical and only the asserted method differs. Confirm that
         accounts which do not qualify for Silver cannot obtain a Silver
         assertion through this handler. -->
    <ph:LoginHandler xsi:type="ph:UsernamePassword"
                     jaasConfigurationLocation="file:///opt/shibboleth-idp/conf/login.config"
                     authenticationServletURL="/Authn/UserPasswordSilver">
        <!-- "http :" carries a deliberate space added for display on this page; remove the space in a real handler.xml -->
        <ph:AuthenticationMethod>http ://id.incommon.org/assurance/silver</ph:AuthenticationMethod>
    </ph:LoginHandler>

...