Versions Compared

Old Version 110

changes.mady.by.user Xavier Haurie

Saved on

compared with

New Version 111

changes.mady.by.user Xavier Haurie

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

IdP (Identity Provider): A web-based system that can authenticate a user on behalf of another system called SP (for Service Provider).

...

IMPORTANT: you must specify at least one attribute whose id is "remoteUser". The Shrine SP code will look for a request attribute of that id to populate the user name in the code (which appears in the user account "badge" at the top-right corner of the UI). It will also be used as a key for any 3rd party supplemental info, such as the Profiles API at HMS. In the present case, our attribute name fore the remoteUser is "ecommonsId" because that is why the HMS iDP returns, along with "Email", "Firstname" and "Lastname".

...

Configure the AJP connector. Note the allowedRequestAttributesPattern=".*" attribute. That is needed for the AJP connection so that the attributes from the "attribute-map.xml" file (see above) will be passed to the ServletRequest object as request attributes, and of the correct name (as opposed to request headers). See also shibboleth2.xml on the same topic.

...