Sakai 11 and Shibboleth SSO


Brett Parker

May 19, 2017, 11:24:50 AM
to sakai-dev

Greetings,

I am working on getting Sakai 11.3 running for our campus. I have successfully gotten it going and now I am looking to get SSO set up. I am following these instructions for Shibboleth.

https://confluence.sakaiproject.org/display/SAKDEV/Shibboleth

I have successfully installed the SP. What I am not sure of is how and where to deploy the ANU Patch. I am not familiar with patching Sakai, so if anyone could provide me a quick step-by-step on this it would be greatly appreciated.

Thanks.

Brett Parker
Wayne State College
Network and Technology Services
(402) 375-7107

Sam Ottenhoff

May 19, 2017, 11:29:10 AM
to Brett Parker, sakai-dev
I'm sure it's possible to run with Shibboleth + Apache + mod_shib, but Sakai 11+ includes spring-saml support. You can see some of the sample configs here:


Running with spring-saml means a large reduction in additional pieces of software you need to run.



--
You received this message because you are subscribed to the Google Groups "Sakai Development" group.
To unsubscribe from this group and stop receiving emails from it, send an email to sakai-dev+unsubscribe@apereo.org.
To post to this group, send email to saka...@apereo.org.
Visit this group at https://groups.google.com/a/apereo.org/group/sakai-dev/.

Steve Swinsburg

May 21, 2017, 10:57:40 PM
to Brett Parker, sakai-dev
Hi Brett

That guide was written back in the 2.8 days so Sam's suggestion is probably better. But 'the ANU patch' is a link to the actual patch.

Cheers
Steve

sent from my mobile

--

Brett Parker

May 22, 2017, 9:23:43 AM
to Sam Ottenhoff, sakai-dev

This is great. I will go this route. Thanks for pointing me in the right direction. It looks like I just need to change settings in the XML file that pertains to my setup. Is there anything I need to do to activate that setup for my Sakai instance? I was searching for any guides but didn’t come across anything. Any help with steps needing to be taken would be greatly appreciated.

Thanks again.

-Brett-

 


Matthew Buckett

May 22, 2017, 9:39:29 AM
to Brett Parker, Sam Ottenhoff, sakai-dev
From the other side we're looking to use the Apache Shibboleth module
and LDAP as our production team is much more familiar with the Apache
configuration for Shibboleth rather than the Spring Security setup,
and we already have quite a bit of configuration in Apache so removing
it from our stack would be non-trivial.




--
Matthew Buckett
VLE Developer

Systems and Applications, Academic IT
IT Services, University of Oxford
13 Banbury Road, OX2 6NN
Tel: 01865 283349

Brett Parker

May 24, 2017, 5:59:16 PM
to Brett Parker, Sam Ottenhoff, sakai-dev

I have been working on this for a while but not having much luck.

I am looking at this https://jira.sakaiproject.org/browse/SAK-30105 for reference.

What I don’t know is:

1) Are these changes made within the login tool in webapps directory or do I need to change them in the source files and rebuild/redeploy?

2) What other Sakai files need configuration changes? I have changed login properties in sakai.properties based off of this: https://confluence.sakaiproject.org/display/SAKDEV/Shibboleth

Outside of these two parts I don’t know what else to change. Anyone using spring-saml against an IdP like Shibboleth?

 

-Brett-

Rafael Morales Gamboa

May 24, 2017, 8:48:11 PM
to saka...@apereo.org

1) You can do that in webapps/sakai-login-tool but my guess is that you will need to reload the application (I do that just in case).

Sam Ottenhoff

May 24, 2017, 9:35:16 PM
to Brett Parker, sakai-dev
1) They are XML configs so re-compilation is not needed. But you do need to reload the webapp. The easiest way to do that is by restarting Tomcat.

2) You need container.login set to true.

Please turn up your DEBUG logging on org.opensaml and post your XML config.


Brett Parker

May 25, 2017, 1:18:20 PM
to Sam Ottenhoff, sakai-dev

Did some work this morning on this, but have not got it going yet. I get to the front page of Sakai but when I click on my Login link I get an error because it can’t find https://mySakaiAddress/portal/login. The error is a NullPointerException.

I have set my container.login to true and set top.login to false.

I have tried copying the xlogin-context.saml.xml file over applicationContext.xml and made the changes.

I have also tried making changes in xlogin-context.saml.xml and uncommenting the <import> line in applicationContext.xml.

After the changes I restart Sakai.

Both of these result in the same error looking for /portal/login.

Is this supposed to be trying to get to /portal/login? I thought it should try to get to our IdP to sign in.

-Brett-
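
An added example, not part of any post in this thread and not Sakai project code: a small pre-flight check for the settings the messages above name (container.login, top.login, an uncommented `<import>` of xlogin-context.saml.xml, and DEBUG logging on org.opensaml). The `resource` attribute value, the `log.config.N` property form and the sample inputs are assumptions constructed for illustration; it only reports which of these settings are missing.

```python
import xml.etree.ElementTree as ET

def parse_properties(text):
    """Minimal java.util.Properties reader: key=value, last assignment wins."""
    props = {}
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line[0] in "#!" or "=" not in line:
            continue
        key, value = line.split("=", 1)
        props[key.strip()] = value.strip()
    return props

def active_imports(context_xml):
    """Resources of <import> elements that are live; XML comments are dropped by the parser."""
    root = ET.fromstring(context_xml)
    return [el.get("resource") for el in root.iter()
            if el.tag.rsplit("}", 1)[-1] == "import"]

def check_saml_setup(properties_text, context_xml,
                     saml_context="xlogin-context.saml.xml"):
    """List which of the settings named in the thread are missing."""
    props = parse_properties(properties_text)
    problems = []
    if props.get("container.login", "").lower() != "true":
        problems.append("container.login is not true")
    if props.get("top.login", "").lower() != "false":
        problems.append("top.login is not false")
    if saml_context not in active_imports(context_xml):
        problems.append("no active <import> of " + saml_context)
    # Assumption: logging is raised via Sakai's log.config.N=LEVEL.logger properties.
    count = int(props.get("log.config.count", "0") or 0)
    loggers = [props.get("log.config.%d" % i, "") for i in range(1, count + 1)]
    if "DEBUG.org.opensaml" not in loggers:
        problems.append("org.opensaml is not logging at DEBUG")
    return problems

# Constructed sample inputs; the import's resource value is an assumption.
SAMPLE_PROPERTIES = """\
top.login=false
container.login=true
"""
SAMPLE_CONTEXT = """\
<beans xmlns="http://www.springframework.org/schema/beans">
  <!-- <import resource="xlogin-context.saml.xml"/> -->
</beans>
"""
if __name__ == "__main__":
    print(check_saml_setup(SAMPLE_PROPERTIES, SAMPLE_CONTEXT))
```

A grep for the file name would also match the commented-out line, so the check parses the XML and counts only live `<import>` elements.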

 

