For current installation and configuration documentation, see this page.



There are currently 2 ways to run the application:

  1. As an executable
  2. deployed in a Java Servlet 3.0 container

Note that some features require encoded slashes in the URL. In tomcat (which is embedded in the war), this can be allowed with:


In Apache HTTPD, you'll need something like:

<VirtualHost *:80>
    AllowEncodedSlashes NoDecode
    ProxyPass / http://localhost:8080/ nocanon
    ProxyPassReverse / http://localhost:8080/

Note the AllowEncodedSlashes NoDecode.

Running as an executable

java -jar shibui.war

For complete information on overriding default configuration, see [].

Deploying as a WAR

The application can be deployed as a WAR file in a Java Servlet 3.0 container. Currently, the application must be run in the root context.

To override default configuration, see []. The easiest way to do this in a servlet container is through the use of system properties


Currently, the application is wired with very simple authentication. A password for the user user can be set with the shibui.default-password property. If none is set, a default password will be generated and logged:

Using default security password: a3d9ab96-9c63-414f-b199-26fcf59e1ffa