Shibboleth Overview
...
Configure uPortal to get the username from the REMOTE_USER header. In Update the uportal-war/src/main/resources/properties/security.properties add the property:
| Code Block |
|---|
root.remote=org.jasig.portal.security.provider.RemoteUserSecurityContextFactory
|
To ensure the Shibbolized uPortal instance has no chance of using anything but Shibboleth for authN, comment out root and other existing root.* and use RemoteUserSecurityContextFactory as root like file:
| Code Block |
|---|
## This is the factory that supplies the concrete authentication class #rootroot=org.jasig.portal.security.provider.UnionSecurityContextFactory #root.cas=org.jasig.portal.security.provider.cas.CasFilteredSecurityContextFactoryCasAssertionSecurityContextFactory #root.simplecas=org.jasig.portal.security.provider.SimpleSecurityContextFactorycas.clearpass.PasswordCachingCasAssertionSecurityContextFactory root.remote=org.jasig.portal.security.provider.RemoteUserSecurityContextFactory |
...
root.simple=org.jasig.portal.security.provider.SimpleSecurityContextFactory
|
Optionally, to ensure the Shibbolized uPortal instance has no chance of using anything but Shibboleth for authN, comment out the root.simple context.
| Warning | ||
|---|---|---|
| ||
WARNING – do not remove the line |
Configure uPortal to get the username from the REMOTE_USER header. In uportal-war/src/main/resources/properties/security.properties add the property
...
With multiple authentication systems, you will need to design a login template that will allow users to select a specific authentication system to login. To initiate a Shibboleth session, you will need to construct a Shibboleth WAYF login url, for example the format for our school's WAYF is - https://host.school.edu/Shibboleth.sso/WAYF/shibboleth.school.edu?target=http%3A%2F%2Fhost.school.edu%2FuPortal%2FLogin
...