Nuno Gonçalves wrote:
I belive that it
is
login.jsp usually located at
shibboleth-identityprovider-2.1.2/src/main/webapp
and also usually deployed at $TOMCAT_HOME/webapp/idp
No, that's not the same as the 1.3 IdP.jsp. Login.jsp is the HTML form
used by default for the UsernamePassword LoginHandler. You would
customize that if you wanted a custom login page. The 1.3 IdP.jsp was
used to render the Browser/POST response back to the client. Totally
unrelated.
The 2.x IdP uses Velocity templates to render the form-based binding
responses back to the client browser, rather than a JSP file.
Unfortunately, we don't currently have any supported or documented way
that those may be customized.
FYI, by default those live inside a jar file in the IdP's war file:
# jar tvf opensaml-2.2.3.jar | grep templates
0 Sun Dec 21 11:43:16 EST 2008 templates/
1141 Sun Dec 21 11:43:16 EST 2008 templates/saml1-post-binding.vm
1233 Sun Dec 21 11:43:16 EST 2008
templates/saml2-post-artifact-binding.vm
1318 Sun Dec 21 11:43:16 EST 2008 templates/saml2-post-binding.vm
1825 Sun Dec 21 11:43:16 EST 2008
templates/saml2-post-simplesign-binding.vm
If you choose to do surgery on those, you're on your own.
Since you're not the first person to ask, I will open a Jira issue for
an RFE to document how to do this without cracking open that jar. It's
actually possible right now if you are knowledgeable about Spring and
Velocity and our IdP config layout, but would be totally unsupported by
us at this point.
I had a custom code in it to do a treatment each time the IdP was reached (while changing from a SP to another).
What is the best way to get the same behaviour with Shibboleth 2? Could you please provide me an example/explanation?
If you want to customize the look and feel of the page(s) for the
benefit of the end-user, then those templates are the relevant thing to
customize. If instead what you want to do is execute custom code on
every request, then they probably aren't, as they are not JSP. You'd
need to describe in more detail what it is you want to accomplish. As
someone mentioned in a recent thread, one portable way to do something
like that in general in the IdP is via a servlet filter.
--Brent