...
Step 1 - Security Context
In uportal-impl/src/main/resources/properties/security.properties
configure support for getting the username from the REMOTE_USER
header.
Code Block |
---|
root.remote=org.jasig.portal.security.provider.RemoteUserSecurityContextFactory
|
To ensure the Shibbolized uPortal instance has no chance of using anything but Shibboleth for authN, comment out root and other existing root.* and use RemoteUserSecurityContextFactory
as root like:
Code Block |
---|
## This is the factory that supplies the concrete authentication class #root=org.jasig.portal.security.provider.UnionSecurityContextFactory #root.cas=org.jasig.portal.security.provider.cas.CasFilteredSecurityContextFactory #root.simple=org.jasig.portal.security.provider.SimpleSecurityContextFactory root=org.jasig.portal.security.provider.RemoteUserSecurityContextFactory |
Step 2 - Person Manager
In uportal-impl/src/main/resources/properties/contexts/userContext.xml
replace SimplePersonManager bean
Code Block |
---|
<bean id="personManager" class="org.jasig.portal.security.provider.SimplePersonManager" />
|
with the RemoteUserPersonManager bean. Note that the bean id stays the same.
Code Block |
---|
<bean id="personManager" class="org.jasig.portal.security.provider.RemoteUserPersonManager" />
|
Step 3 - Person Attributes
...