Shibboleth Identity Provider 3

This is the procedure to integrate inWebo multi factor authentication service in "Shibboleth Identity provider"

Requirements

Shibboleth Identity Provider 3.2.1
"Shibboleth Identity Provider is an open-source project that provides Single Sign-On services and extends reach into other organizations and new services through authentication of users and securely providing appropriate data to requesting services."
Oracle Sun JDK 1.8
(JCE) Unlimited Strength Jurisdiction Policy Files

How to install inWebo Shibboleth plugin

To install the plugin you have to follow this procedure:

Unpack inWebo Shibboleth plugin in a Temp directory
```
unzip iw-shibboleth-*.zip -d /tmp/
```
BASH
Copy inWebo directories in Shibboleth
copy the `edit-webapp`, `flow`, `conf` and `views` directories from the distribution into `${idp.home}`
```
cd iw-shibboleth-*
cp -R * ${idp.home}
```
BASH

Modify inWebo "inwebo.properties" file

Path `${idp.home}/conf/inwebo.properties`

for your InWebo configuration, you have to input the following details

inwebo.api.certificate.path= <The_path_of_your_inWebo_certificate_file>
inwebo.api.certificate.password= <Your_certificate_passphrase>
inwebo.api.service.id= <Your_inWebo_service_ID>

XML

Modify Shibboleth "idp.properties" file

Path: `${idp.home}/conf/idp.properties`

You have to edit the following properties:
1. idp.additionalProperties
  You have to add ", /conf/inwebo.properties" at the end of the line
```
idp.additionalProperties= /conf/ldap.properties, /conf/saml-nameid.properties, /conf/services.properties, /conf/inwebo.properties
```
  XML
2. idp.authn.flows
  You have to add "|inWebo"
```
idp.authn.flows= Password|inWebo
```
  XML
3. idp.authn.flows.initial
  Uncomment the line and change with inWebo
```
idp.authn.flows.initial = inWebo
```
  XML

Modify Shibboleth "web.xml" file

Path: `${idp.home}/edit-webapp/WEB-INF/web.xml`

If you don't have this file, you can copy from `${idp.home}/webapp/WEB-INF/web.xml`

In the first section <context-param>
You have to add : "classpath*:/META-INF/shibboleth-idp/inwebo-global-config.xml," in contextConfigLocation <param-value>

<context-param>
	<param-name>contextConfigLocation</param-name>
	<param-value>classpath*:/META-INF/shibboleth-idp/inwebo-global-config.xml,${idp.home}/system/conf/global-system.xml,classpath*:/META-INF/net.shibboleth.idp/config.xml</param-value>
</context-param>

XML

In the <servlet> section, idp<servlet-name>
You have to add : "classpath*:/META-INF/shibboleth-idp/inwebo-webflow-config.xml," in contextConfigLocation <param-value>

<servlet>
	<servlet-name>idp</servlet-name>
	<init-param>
		<param-name>contextConfigLocation</param-name>
		<param-value>classpath*:/META-INF/shibboleth-idp/inwebo-webflow-config.xml,${idp.home}/system/conf/mvc-beans.xml,${idp.home}/system/conf/webflow-			config.xml</param-value>
	</init-param>
</servlet>

XML

Modify Shibboleth "authn-messages.properties" file

Path: `${idp.home}/messages/authn-messages.properties`

You have to add the following properties:
```
# inWebo messages
idp.login.inwebo.push.send = Send Push Authentication
idp.login.inwebo.connect.message = Connecting...
```
XML
Rebuild shibboleth IdP war file
```
cd ${idp.home}/bin
./build.sh
```
XML
Restart App Server (tomcat or jetty)

How to debug

Modifying shibboleth "logback.xml" file

Path `${idp.home}/conf/logback.xml`

add after `<logger name="net.shibboleth.idp" level="INFO"/>' the following section:

<!-- Logs inWebo →
<logger name="com.inwebo" level="DEBUG"/>
<logger name="org.glassfish.jersey" level="DEBUG"/>

CODE