1 260
szerkesztés
Módosítások
→Setting Shibboleth parameters for the module: rewriting to the new-style configuration interface
==== Setting Shibboleth parameters for the module ====
===== Handler settings =====
If you are using lazy sessions, you have to define the Shibboleth SessionInitiator to which the user should be directed when she clicks on "Login with Shibboleth". The SessionInitiator can be called on a special URL is constituted of the following:* protocol scheme (<code>http://</code> or <code>https://</code>)* host name * Shibboleth handler URL (usually: <code>/which depends on your Shibbolethconfiguration.sso</code>)* 'location' part of the SessionInitiator definition
If your '''/etc/shibboleth/shibboleth2.xml snippet'''is something like this:
<source lang="xml">
<Sessions lifetime="28800" timeout="3600" checkAddress="false"
<SessionInitiator type="Shib1" defaultACSIndex="5"/>
</SessionInitiator>
<!-- other things -->
<LogoutInitiator type="Chaining" Location="/Logout" relayState="cookie">
<LogoutInitiator type="SAML2" template="bindingTemplate.html"/>
<LogoutInitiator type="Local"/>
</LogoutInitiator>
<!-- other things -->
</Sessions>
</source>
===== Attribute settings =====
Specify here the '''$_SERVER''' headers to look up the user's username and e-mail address. Please check '''DEBUG''' mode to look for the available headers. If you can not find the desired attribute, then something is wrong with your IdP-SP attribute release flow.
