Configuring Shibboleth 2.x IdP with Novell Access Manager as SSO

[Sara Hopkins]

I said I would report back on this once I'd managed to get a test system set up, which I've now done.

I managed to get Chad's suggestion for the Tomcat-based IdP working very quickly; the addition of a proxyName attribute set to an appropriate value in the port 443 connector in the Tomcat server.xml file did the trick. I was able to both reproduce the problem and fix it using this.

I couldn't get Scott's suggestion for the Apache httpd-proxied IdP working. I bashed my head against it for a while, then found this thread in shibboleth-users:

http://groups.google.com/group/shibboleth-users/browse_thread/thread/2c5ce851997419e2

It looks as if I may have come up against the bug that Peter Schober mentions in this thread. So I used his workaround, and added the proxyName attribute to the AJP Connector on port 8009. And that did it - hurrah!

Many thanks Chad, Scott, and Peter, and to Rod and Rhys who have also advised me about this.

Cheers,

Sara
-- 
Sara Hopkins
Support Team
UK Access Management Federation for Education and Research
web:    http://www.ukfederation.org.uk/

The University of Edinburgh is a charitable body, registered in
Scotland, with registration number SC005336.