Custom authentication and extending the login.jsp element.
PARDEE, MARTIN (MARTIN)
mlp at research.att.com
Fri Aug 31 12:50:40 EDT 2012
I'm not sure you and I are on the same page yet. Can you please tell me what happens inside shib after the Auth Handler servlet has done a re-direct to the login.jsp?
From: users-bounces at shibboleth.net [mailto:users-bounces at shibboleth.net] On Behalf Of Cantor, Scott
Sent: Friday, August 31, 2012 12:18 PM
To: Shib Users
Subject: Re: Custom authentication and extending the login.jsp element.
On 8/31/12 11:59 AM, "PARDEE, MARTIN (MARTIN)" <mlp at research.att.com>
>It looked to me that I had control flow like this:
>1) Shib intercepts attempt to reach resource via apache plugin,
This is the IdP, there's no Apache plugin.
>2) Control passed to my Custom Auth Servlet,
>3) Servlet redirects to login.jsp,
>4) Login.jsp has FORMACTION that goes to j_security_check (which
>disappears inside the container),
That's not how the handler works, see other email.
You're confusing container-managed auth, which can be used with the REMOTE_USER handler (along with many other approaches), with the user/pass handler. I believe the stock login.jsp is decorated to be usable in both models, but they're not the same model.
To unsubscribe from this list send an email to users-unsubscribe at shibboleth.net
More information about the users