Authenticate via Shibboleth and LDAP
Chad La Joie
lajoie at itumi.biz
Sat Jun 16 17:35:37 BST 2012
First, be sure you're using the actual Shibboleth documentation not some
third party document.
Second, turn on logging for the LDAP library and see what it says.
On 6/16/12 11:06 AM, Stephan Hackstedt wrote:
> Hi,
>
> I'm new to Shibboleth and trying to setup a test environment on a single
> Windows / x64 machine.
> I followed some tutorials. Now I'm at a point where I'm trying to access
> a ressource on the SP. The redirection to the IdP loginpage works fine.
> But I cannot login, no matter if I use the right user/pw combination or not.
> I'm using LDAP as storage for the user data.
> I tested two different LDAP Systems (APacheDS, OpenDS) but I couldnt get
> it to work. The same error with both.
>
> The connection to the LDAP service can be established successfull on IdP
> Startup, but after redirection and typing username and passwort at the
> login screen Shibboleth IdP always gives the message "Credentials not
> recognized".
> Are there other configuration files, beside login.conf and
> attribute-resolver,xmlm which I need to consider?
>
> It would be nice, if some has a hint for me regarding my problem, My
> progress really stucks.
>
> conf snippets:
>
>
> attribute-resolver.xml:
> *
> <!-- Example LDAP Connector for OpenDS-->
> <resolver:DataConnector id="myLDAP" xsi:type="dc:LDAPDirectory"
> ldapURL="ldap://127.0.0.1:12389 <http://127.0.0.1:12389>"
> baseDN="ou=people,dc=example,dc=com"
> principal="cn=Directory Manager"
> principalCredential="secret2">
> <dc:FilterTemplate>
> <![CDATA[
> (uid=$requestContext.principalName)
> ]]>
> </dc:FilterTemplate>*
>
> login.config:
>
> *ShibUserPassAuth {
> edu.vt.middleware.ldap.jaas.LdapLoginModule required
> host="127.0.0.1"
> base="ou=people,dc=example,dc=com"
> bindDn ="cn=Directory Manager"
> bindCredential="secret2"
> port="12389"
> ssl="false"
> tls="false"
> userField="uid";
> };*
>
> Regards,
> Stephan
>
>
> --
> To unsubscribe from this list send an email to users-unsubscribe at shibboleth.net
>
--
Chad La Joie
www.itumi.biz
trusted identities, delivered
More information about the users
mailing list