Shibboleth Identity Provider 3
Requirements
- Shibboleth Identity Provider 3.2.1
"Shibboleth Identity Provider is an open-source project that provides Single Sign-On services and extends reach into other organizations and new services through authentication of users and securely providing appropriate data to requesting services."
- Oracle Sun JDK 1.8
- (JCE) Unlimited Strength Jurisdiction Policy Files
How to install inWebo Shibboleth plugin
To install the plugin you have to follow this procedure:
Unpack inWebo Shibboleth plugin in a Temp directory
```bash
unzip iw-shibboleth-*.zip -d /tmp/
```
Copy inWebo directories in Shibboleth
Copy the `edit-webapp`, `flow`, `conf` and `views` directories from the distribution into `${idp.home}`:
```bash
cd iw-shibboleth-*
cp -R * ${idp.home}
```
Modify inWebo "inwebo.properties" file
Path: `${idp.home}/conf/inwebo.properties`
For your inWebo configuration, you have to input the following details:
```properties
inwebo.api.certificate.path= <The_path_of_your_inWebo_certificate_file>
inwebo.api.certificate.password= <Your_certificate_passphrase>
inwebo.api.service.id= <Your_inWebo_service_ID>
```
Modify Shibboleth "idp.properties" file
Path: `${idp.home}/conf/idp.properties`
You have to edit the following properties:
idp.additionalProperties
You have to add ", /conf/inwebo.properties" at the end of the line:
```properties
idp.additionalProperties= /conf/ldap.properties, /conf/saml-nameid.properties, /conf/services.properties, /conf/inwebo.properties
```
idp.authn.flows
You have to add "|inWebo":
```properties
idp.authn.flows= Password|inWebo
```
idp.authn.flows.initial
Uncomment the line and change the value to inWebo:
```properties
idp.authn.flows.initial = inWebo
```
Modify Shibboleth "web.xml" file
Path: `${idp.home}/edit-webapp/WEB-INF/web.xml`
If you don't have this file, you can copy it from `${idp.home}/webapp/WEB-INF/web.xml`.
In the first section <context-param>
You have to add "classpath*:/META-INF/shibboleth-idp/inwebo-global-config.xml," in the contextConfigLocation <param-value>:
```xml
<context-param>
    <param-name>contextConfigLocation</param-name>
    <param-value>classpath*:/META-INF/shibboleth-idp/inwebo-global-config.xml,${idp.home}/system/conf/global-system.xml,classpath*:/META-INF/net.shibboleth.idp/config.xml</param-value>
</context-param>
```
In the <servlet> section, idp <servlet-name>
You have to add "classpath*:/META-INF/shibboleth-idp/inwebo-webflow-config.xml," in the contextConfigLocation <param-value>:
```xml
<servlet>
    <servlet-name>idp</servlet-name>
    <init-param>
        <param-name>contextConfigLocation</param-name>
        <param-value>classpath*:/META-INF/shibboleth-idp/inwebo-webflow-config.xml,${idp.home}/system/conf/mvc-beans.xml,${idp.home}/system/conf/webflow-config.xml</param-value>
    </init-param>
</servlet>
```
Modify Shibboleth "authn-messages.properties" file
Path: `${idp.home}/messages/authn-messages.properties`
You have to add the following properties:
```properties
# inWebo messages
idp.login.inwebo.push.send = Send Push Authentication
idp.login.inwebo.connect.message = Connecting...
```
Rebuild Shibboleth IdP war file
```bash
cd ${idp.home}/bin
./build.sh
```
- Restart App Server (Tomcat or Jetty)
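A way to check the edits above, worth running before the restart: the following shell function is an added example, not part of the inWebo distribution or Shibboleth. The function names are hypothetical, and the IdP home is passed as an argument (the `/opt/shibboleth-idp` path in the comment is an assumption). It also flags a world-readable `inwebo.properties`, since that file holds the certificate passphrase.

```bash
#!/usr/bin/env bash
# Added example (not inWebo or Shibboleth code): post-install check for the
# edits described on this page. Function names are hypothetical.

# has FILE ERE: true when FILE contains a line matching the extended regex
has() { grep -Eq -- "$2" "$1" 2>/dev/null; }

report() { echo "FAIL: $1"; fails=$((fails + 1)); }

check_inwebo_install() {
    home=$1; fails=0
    idp="$home/conf/idp.properties"
    iw="$home/conf/inwebo.properties"
    web="$home/edit-webapp/WEB-INF/web.xml"
    msg="$home/messages/authn-messages.properties"

    # idp.properties: extra properties file, flow list, initial flow
    has "$idp" '^idp\.additionalProperties[[:space:]]*=.*/conf/inwebo\.properties' ||
        report "idp.additionalProperties does not load /conf/inwebo.properties"
    has "$idp" '^idp\.authn\.flows[[:space:]]*=.*inWebo' ||
        report "idp.authn.flows does not list inWebo"
    has "$idp" '^idp\.authn\.flows\.initial[[:space:]]*=[[:space:]]*inWebo' ||
        report "idp.authn.flows.initial is commented out or not inWebo"

    # inwebo.properties: every key set, no <placeholder> left in place
    for key in certificate.path certificate.password service.id; do
        has "$iw" "^inwebo\.api\.${key}[[:space:]]*=[[:space:]]*[^<[:space:]]" ||
            report "inwebo.api.$key is unset or still a placeholder"
    done
    # The file stores the certificate passphrase: flag world-readable mode
    if [ -n "$(find "$iw" -perm -004 2>/dev/null)" ]; then
        report "$iw is readable by all local users"
    fi

    # web.xml: both inWebo Spring config entries are referenced
    for cfg in inwebo-global-config inwebo-webflow-config; do
        has "$web" "classpath\*:/META-INF/shibboleth-idp/${cfg}\.xml" ||
            report "web.xml does not reference $cfg.xml"
    done

    # authn-messages.properties: the two inWebo message keys
    for key in push.send connect.message; do
        has "$msg" "^idp\.login\.inwebo\.${key}[[:space:]]*=" ||
            report "authn-messages.properties lacks idp.login.inwebo.$key"
    done
    [ "$fails" -eq 0 ]
}

# Run against an install when a path is given, e.g. ./check.sh /opt/shibboleth-idp
if [ "$#" -gt 0 ]; then check_inwebo_install "$1"; fi
```

The function returns non-zero and prints one `FAIL:` line per missing step, so it can gate a deployment script.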
How to debug
Modifying shibboleth "logback.xml" file
Add the following section after `<logger name="net.shibboleth.idp" level="INFO"/>`:
```xml
<!-- Logs inWebo -->
<logger name="com.inwebo" level="DEBUG"/>
<logger name="org.glassfish.jersey" level="DEBUG"/>
```