Módosítások

You should be familiar with protecting resources with Shibboleth before using this module. (See [https://spaces.internet2.edu/display/SHIB2/NativeSPProtectContent Shibboleth Wiki]) Please check that Shibboleth authentication is working for that location and all the necessary attributes are exported to the headers. You can enable DEBUG mode to see dump the whole $_SERVER array. If you can see Shibboleth attributes there, you're fine.

* '''Lazy Sessions''':session is only initiated if an application redirects user to the SessionInitiator URL. In this module, it is done by clicking the ''"Login with Shibboleth"'' link. Anonymous access is possible.:: <small>Detailed description of [[Lazy Session|lazy sessions]] in Hungarian.</small>* '''"Strict" Sessions''' (normal sessions):users can only access Drupal content if they have a valid Shibboleth session. This case, no anonymous access can be granted (not even read-only).  ==== Example Shibboleth configuration ===='''Note:''' this example uses lazy sessions. Configuration for Shibboleth 1.3 is quite similar. '''/etc/shibboleth/shibboleth2.xml snippet''': <source lang="xml"><RequestMapper type="Native"> <RequestMap applicationId="default"> <Host name="your.host.name"> <Path name="location_of"> <Path name="your_Drupal"> <Path name="installation" authType="shibboleth" requireSession="false" /> </Path> </Path> </Host> </RequestMap></RequestMapper></source>  '''Apache config file snippet''' (ie. <code>/etc/apache2/sites-enabled/your.host.name</code>, or you can even use <code>.htaccess</code> without the <code><Location></code> tags):<source lang="apache"><Location /location_of/your_Drupal/installation> AuthType Shibboleth ShibRequireSession Off require shibboleth</Location></source>==== Administering Drupal with strict sessions ====Beyond anonymous access, you can neither login as 'admin' user anymore, if you use strict sessions. It's quite tricky to circumvent it:# Enable Shibboleth protection# Login with your own user credentials, so that your Drupal user profile is created# Disable Shibboleth protection# Login as 'admin', grant your own user 'Administrator' rights.# Enable Shibboleth protection# Login with your own credentials, you should have 'Administrator' rights now.