...
Note: The examples presented here were tested with Shibboleth IdP software version 2.3.8.
Note 2: In the XML code examples below, there is an intentional typo in URLs, with a space between "http
" and the colon ":
" (i.e., "http :
"). This is because the Confluence XML formatter strangely hides URLs from display. I have circumvented this issue by adding a space in the examples. Do not copy the space in your configuration files.
Configuration 1: IdP Always Returns Silver Assurance
...
Code Block | ||||
---|---|---|---|---|
| ||||
<!-- In WEB-INF/web.xml -->
<!-- Servlet for doing Username/Password authentication -->
<servlet>
<servlet-name>UsernamePasswordAuthHandler</servlet-name>
<servlet-class>edu.internet2.middleware.shibboleth.idp.authn.provider.UsernamePasswordLoginServlet</servlet-class>
<load-on-startup>3</load-on-startup>
<init-param>
<param-name>authnMethod</param-name>
<param-value>http ://id.incommon.org/assurance/silver</param-value>
</init-param>
</servlet>
|
...
Code Block | ||||
---|---|---|---|---|
| ||||
<!-- In conf/handler.xml -->
<!-- Username/password login handler -->
<ph:LoginHandler xsi:type="ph:UsernamePassword"
jaasConfigurationLocation="file:///opt/shibboleth-idp/conf/login.config">
<ph:AuthenticationMethod>http ://id.incommon.org/assurance/silver</ph:AuthenticationMethod>
<ph:AuthenticationMethod>urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport</ph:AuthenticationMethod>
</ph:LoginHandler>
|
...
Code Block | ||||
---|---|---|---|---|
| ||||
<!-- In WEB-INF/web.xml -->
<!-- Servlet for doing Username/Password authentication -->
<servlet>
<servlet-name>UsernamePasswordAuthHandler</servlet-name>
<servlet-class>edu.internet2.middleware.shibboleth.idp.authn.provider.UsernamePasswordLoginServlet</servlet-class>
<load-on-startup>3</load-on-startup>
</servlet>
<servlet-mapping>
<servlet-name>UsernamePasswordAuthHandler</servlet-name>
<url-pattern>/Authn/UserPassword</url-pattern>
</servlet-mapping>
<!-- Servlet for doing Username/Password Silver authentication -->
<servlet>
<servlet-name>UsernamePasswordSilverAuthHandler</servlet-name>
<servlet-class>edu.internet2.middleware.shibboleth.idp.authn.provider.UsernamePasswordLoginServlet</servlet-class>
<load-on-startup>3</load-on-startup>
<init-param>
<param-name>authnMethod</param-name>
<param-value>http ://id.incommon.org/assurance/silver</param-value>
</init-param>
</servlet>
<servlet-mapping>
<servlet-name>UsernamePasswordSilverAuthHandler</servlet-name>
<url-pattern>/Authn/UserPasswordSilver</url-pattern>
</servlet-mapping>
|
...
Code Block | ||||
---|---|---|---|---|
| ||||
<!-- In conf/handler.xml -->
<!-- Username/password login handler -->
<ph:LoginHandler xsi:type="ph:UsernamePassword"
jaasConfigurationLocation="file:///opt/shibboleth-idp/conf/login.config">
<ph:AuthenticationMethod>urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport</ph:AuthenticationMethod>
</ph:LoginHandler>
<!-- Username/password Silver login handler -->
<ph:LoginHandler xsi:type="ph:UsernamePassword"
jaasConfigurationLocation="file:///opt/shibboleth-idp/conf/login.config"
authenticationServletURL="/Authn/UserPasswordSilver">
<ph:AuthenticationMethod>http ://id.incommon.org/assurance/silver</ph:AuthenticationMethod>
</ph:LoginHandler>
|
...