[Koha-bugs] [Bug 8446] Shibboleth authentication patch
bugzilla-daemon at bugs.koha-community.org
bugzilla-daemon at bugs.koha-community.org
Sun Oct 20 21:14:12 CEST 2013
http://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=8446
--- Comment #9 from Martin Renvoize <martin.renvoize at ptfs-europe.com> ---
The promised test plan...
First up, you'll need to install some additional debian packages:
1. Install shibboleth deamon and apache shibboleth module (Testing upon Debian
7.1 is best, as packages are updated and simpler to configure)
sudo apt-get install libapache2-mod-shib2 libshibsp5:amd64
shibboleth-sp2-schemas
2. Configure shibboleth 'party of trust' arrangement (i.e. trade metadata keys
with your IdP.. see next comment for details)
3. Configure shibboleth attribute mapping (see next comment for further
details)
4. Configure OPAC Virtualhost to enable shibboleth authentication (add the
foloowing to your virtualhost)
<Location />
AuthType shibboleth
Require shibboleth
</Location>
Note: The above will enable shibboleth authentication with a fallback to local
(or CAS, or LDAP, or Persona).. you can adapt this to enable Shibboleth only if
you like
5. You should have some now options in the staff client under 'Administration >
System Preferences > Shibboleth Authentication'. Enable 'Shibboleth
Authentication' and set the 'login attribute' to match what you setup in step
3.
6. Test login in the OPAC. You should either be logged in directly (if you are
already logged into your IdP by some other means) or when clicking 'Login' you
should see the option to login via Shibboleth which will redirect you to your
IdP for authentication.
--
You are receiving this mail because:
You are watching all bug changes.
More information about the Koha-bugs
mailing list