Please read the bottom description denoted by † first, then modify each configuration file.
- Shibboleth Setting
Major Configuration: entityID, automatic metadata download.
Major Configuration: Method for login.
→Modify the "Type" to be "UsernamePassword" and then just refer to login.config
Major Configuration: LDAP configuration for authentication.
Major Configuration: Principle definition of attribute and its resolution, which is obtained from LDAP
Original source of attribute (LDAP，ComputedID etc.)
Major Configuration: Selection of attributes to be sent to each SP.
- IdP Metadata Preparation
† If you modify each setting file, please restart the tomcat and then check the following log file.
Anchor logcheck logcheck
Main log of the IdP action. Error and warning of the IdP action is noted in this log file. You need to check this log first when you have an problem with IdP action.
Access log of the IdP. This log includes access time and access source to the IdP.
requestTime | remoteHost | serverHost|serverPort | requestPath
Message log from IdP to SP. This log includes the information such as time, corresponding ID, attributes and so on.
auditEventTime | requestBinding | requestId | relyingPartyId | messageProfileId | assertingPartyId | responseBinding | responseId | principalName | authNMethod | releasedAttributeId1,releasedAttributeId2, | nameIdentifier | assertion1ID,assertion2ID, |
Setting of these log files are described in /opt/shibboleth-idp/conf/logging.xml