Blackboard 9.1 - Guidance

Cantor, Scott cantor.2 at osu.edu
Thu Nov 17 20:07:36 GMT 2011


On 11/17/11 2:17 PM, "Richard Wendel" <richard.e.wendel at gmail.com> wrote:
>
>I wanted to find out if anyone was using the Blackboard Shibboleth
>authentication module with current (2.4.x) software and what additional
>steps were needed. I have already repackaged the RPM for Apache 1.3.41
>that is included in Blackboard 9.1. I have it passing me to a "secure"
>area after successfully authenticating against my ADFS, so it appears
>that my Apache integration specifically of Shibboleth works fine.

Then apart from support issues, there's no concern.

>My guess is that I believe previous versions used the Header vars to pass
>info, and current uses the Env vars.

Both support both. Defaults are different.

> In addition, they recommend a separate mapped var (ShibMapAttribute)
>when using Ajp1.2 (which is what is there) since REMOTE_USER doesn't get
>sent properly, which isn't an Apache directive in the current versions of
>Shib.

I don't even remember what that command did to be honest, but there is no
material difference here, and REMOTE_USER works fine with AJP.

>Also, is there a way to log/capture the unencrypted claims after
>attribute mapping in Shib so I can verify the claims mapping from ADFS to
>what Shib expects like eppn, etc.

Attribute, not claim. When MS starts enhancing their offering, I'll
consider using their invented terminology. ;-)

If you can see the headers and/or environment, you see exactly what the
app sees. If you're talking about dumping the SAML, that's available via
logging. If you mean something else, let me know.

Bottom line, the app integration available with SP 1.x is all supported in
2.x, no exceptions.

-- Scott



More information about the users mailing list