Versions Compared

Old Version 98

changes.mady.by.user Xavier Haurie

Saved on

compared with

New Version 99

changes.mady.by.user Xavier Haurie

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

IdP (Identity Provider): A web-based system that can authenticate a user on behalf of another system called SP (for Service Provider).

...

The following tells Apache to proxy all calls to a URL URLs starting with "shrine-api" to http://127.0.0.1:8009/shrine-api/. Therefore we need to set up Tomcat to listen for HTTP traffic on port 8009 (see Tomcat Configuration below)

ProxyPass "/shrine-api/" "ajp://<YOUR_HOST>:8009/shrine-api/".   (TODO: does it really have to use <YOUR_HOST> instead of 127.0.0.1? in any case need to match line above)

The following tells Apache to use Shibboleth for authentication for any URL starting with "shrine-api":

...

The following tells Shibboleth to make the attributes it collects from the IdP available as request attributes in Apache. This is recommended over using the ShibUseHeaders option which sends the information as request headers. see https://shibboleth.atlassian.net/wiki/spaces/SHIB2/pages/2577072327/NativeSPApacheConfig.

...