Configuring Shibboleth 2.x IdP with Novell Access Manager as SSO

Sara Hopkins sara.hopkins at
Fri Nov 4 15:30:29 GMT 2011

I said I would report back on this once I'd managed to get a test system set up, which I've now done.

I managed to get Chad's suggestion for the Tomcat-based IdP working very quickly; the addition of a proxyName attribute set to an appropriate value in the port 443 connector in the Tomcat server.xml file did the trick. I was able to both reproduce the problem and fix it using this.

I couldn't get Scott's suggestion for the Apache httpd-proxied IdP working. I bashed my head against it for a while, then found this thread in shibboleth-users:

It looks as if I may have come up against the bug that Peter Schober mentions in this thread. So I used his workaround, and added the proxyName attribute to the AJP Connector on port 8009. And that did it - hurrah!

Many thanks Chad, Scott, and Peter, and to Rod and Rhys who have also advised me about this.


Sara Hopkins
Support Team
UK Access Management Federation for Education and Research

The University of Edinburgh is a charitable body, registered in
Scotland, with registration number SC005336. 

More information about the users mailing list