I'm going to be attempting to setup shibboleth on our ubuntu server for single sign-on. Has anyone tried this and had success? One thing i'm curious about is how people have authenticated after passing the credentials from the login to, for example, google apps and then authenticating the user against data stored with the metadata provider? our users are created through our SMS in to AD, so is it possible to setup AD to provide this or must it be manually generated and stored as an .xml file some where accessable by shib?
I'm having a mental block on one other issue with ubuntu. shib requires java so i've installed openjdk 7 and can run 'java' from terminal but shib gives an error about JAVA_HOME not being found.
what should i need to setup for this to pass?Code:if [ -z "$JAVACMD" ] ; then if [ -n "$JAVA_HOME" ] ; then if [ -x "$JAVA_HOME/jre/sh/java" ] ; then # IBM's JDK on AIX uses strange locations for the executables JAVACMD=$JAVA_HOME/jre/sh/java else JAVACMD=$JAVA_HOME/bin/java fi else JAVACMD=java fi fi
Last edited by atamakosi; 24th May 2012 at 12:01 AM.
yes I tried this a couple of years ago.
I did get it authenticating, but not with ubuntu - it was either debian or centos. I only got as far as getting the shib auth to work and had issues with getting the AD-shib-google working. I ran out of time and bought in a solution from SSOEasy. Shib is great in theory, but in practice so few educational providers use it that I've had no practical use for it since I was playing with the install. Really can't remember enough to help with your question though.
If you do persist, I'd be grateful for a howto
There are currently 1 users browsing this thread. (0 members and 1 guests)