Which handler LDAP SSO
peter.schober at univie.ac.at
Tue Nov 11 08:03:12 EST 2014
* Morris, Andi <amorris at cardiffmet.ac.uk> [2014-11-11 13:44]:
> Thanks. I have UsernamePassword configured at the moment and I'm
> having trouble getting the bind to work so that users can login, but
> I'll continue to work on that.
This is all within the JAAS config file, login.config, as per the Shib
> However, when running against test shib I'm being shown a login
> screen, as expected at the moment.
Presents the user with an authentication page and then checks the
entered username and password against an LDAP directory or Kerberos 5
So the UsernamePassword will generate HTML to collect credentials, and
validate them via LDAP (or Kerberos, but that doesn't change the fact
that a HTML form is rendered at the IDP).
> When I have the ldap running correctly will the users still be shown
> this screen if they already currently have valid windows credentials
> or will I need to configure this with Kerberos? What we have at the
> moment is users being logged on without being prompted when they
> access a shibboleth resource internally.
You'll have to do something entirely different:
The folks from Uni Newcastle have quite complete documentation for
this, IIRC, if you (or your peers from the UKfederation) don't find
anything better to offer try this:
More information about the users