Initial Shibboleth Development
crguo at stanford.edu
Mon Sep 26 02:00:41 BST 2011
I'm currently developing an application for Stanford that's supposed to
interface with their Shibboleth authentication system. I've read most of the
getting started guides for Service Providers and I am currently following
the instructions posted here:
https://itservices.stanford.edu/service/shibboleth/sp/test-shib for setting
up my application, and I already have some questions/problems. If anybody
has answers for any of them, I would really appreciate it!
First, I didn't receive any security certs or keys back from testshib, and
Stanford's instructions note that I should have received them and stored
them in testshib.crt and testshib.key. Where can I find these, or do I not
Second, the application is running Django, and using mod_wsgi to route the
urls. Is there a resource that I should be Aliasing /Shibboleth.sso to? My
shib.conf file looks like this:
# Tell Apache to load the Shibboleth Metadata
Alias /Shibboleth.sso/Metadata "/etc/shibboleth/shibboleth2.xml"
# Load the Shibboleth module.
LoadModule mod_shib /usr/lib/shibboleth/mod_shib_22.so
# Used for example logo and style sheet in error templates.
Allow from all
Alias /shibboleth-sp/main.css /usr/share/doc/shibboleth-2.4.3/main.css
Alias /shibboleth-sp/logo.jpg /usr/share/doc/shibboleth-2.4.3/logo.jpg
# Configure the module for content.
# You MUST enable AuthType shibboleth for the module to process
# any requests, and there MUST be a require command as well. To
# enable Shibboleth but not specify any session/access requirements
# use "require shibboleth".
<Location /stanford/shibboleth >
ShibRequestSetting requireSession 1
Third, I'm running into an error message "Error Message: SAML 2 SSO profile
is not configured for relying party 'https://dev.classowl.com/shibboleth-sp'".
The TestShib portal was working previously but now has stopped working. I'm
not sure which file I changed to create the problem.
The whole setup is running on Amazon EC2, with RedHat.
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the users