Page History
...
attributePrefix
must be set to "AJP_
" so that the attributes from the "attribute-map.xml
" file (see below) are passed to Tomcat as request attributes (as opposed to request headers). See also SHRINE 4.0.0 Appendix A.5 - More Details: Tomcat Configuration on the same topic.
The REMOTE REMOTE_USER
xml xml attribute of ApplicationDefaultsof <ApplicationDefaults>
should be populated, in the form of a list of at least one attribute name; the first of which should normally be "userId
", which is defined in attribute-map.xml
.
See: https://shibboleth.atlassian.net/wiki/spaces/SP3/pages/2067400159/JavaHowTo
...
The following specifies the entityID
of the IdP to use for authentication. Get it from the idP metadata. We also specify that we speak only SAML2
protocol:
...
Code Block | ||||
---|---|---|---|---|
| ||||
<SSO entityID="[your idP's entityID, a URI] e.g. http://sso.med.harvard.edu/adfs/services/trust"> |
...
SAML2 |
...
</ |
...
SSO> |
When logging out, only log out of the local Shibboleth session:
...