Page History
...
For Shibboleth, we are using SP-3. See https://shibboleth.atlassian.net/wiki/spaces/SP3/overview .
Consult your local Shibboleth experts for guidance.
There are five configuration files that need to go on the host that is running shibd (Shibboleth).
Tomcat for Shrine should be running on that same host.
| Filename | Location on SP | Notes |
|---|---|---|
| idp-metadata.xml | /etc/shibboleth/idp-metadata.xml | A copy of your site's IdP metadata |
| sp-metadata.xml | /var/www/html/sp-metadata.xml – if your Apache sets DocumentRoot to /var/www | To be shared dynamically with your site's Shibboleth IdP. Or omit from the SP, and instead email it to IdP admins |
| attribute-map.xml | /etc/shibboleth/attribute-map.xml | Specifies the user-information that your IdP sends to Sp upon login |
| sp.conf | /etc/httpd/conf.d/sp.conf | Tells Apache to require Shibboleth login for Shrine Urls (/shrine-api/*) . Tomcat should open port 8080 only to localhost, and should reside on the same host as your SP |
| shibboleth2.xml | /etc/shibboleth/shibboleth2.xml | Specifies miscellaneous aspects of your SP |
...
Overview
Content Tools