Hello all,
I've been reviewing the existing material and so far I'm still
stuck.
We're building a portal using Liferay 6 and authenticating through
Shibboleth. The Shibboleth part works fine. I enter the URL for the
portal, get redirected to my IdP, log in, then am redirected back to
the portal. So far so good.
The problem is that once I'm looking at the portal again, I'm not
logged in.
Now, I'm completely new to SSO and I'm sure it's gaps in my knowledge
that are holding me back, so I bring this here in the hope that minds
far wiser and more knowledgeable than my own can help!
Liferay Settings:
------------------------
Users authenticate by E-mail address
CAS is Enabled
Login URL: https://testshib.server/casshib/shib/portal
Logout URL: https://testshib.server/casshib/shib/portal
Server Name: testshib.server
Server URL: https://testshib.server/casshib/shib/portal
Service URL: https://testshib.server/shibboleth
From shibboleth2.xml
--------------------------------
<RequestMapper type="Native">
  <RequestMap applicationId="default">
    <Host name="testshib.server" port="443" scheme="https">
      <PathRegex regex="casshib/shib/portal"
                 applicationId="portal" authType="shibboleth" requireSession="true"/>
    </Host>
  </RequestMap>
</RequestMapper>
<!-- More stuff -->
<ApplicationOverride id="portal"
                     entityID="https://admin.example.org/shibboleth"
                     homeURL="https://testshib.server/"
                     REMOTE_USER="eppn persistent-id targeted-id">
  <Sessions lifetime="28800" timeout="3600" checkAddress="false"
            handlerURL="/casshib/shib/portal/Shibboleth.sso" handlerSSL="true"
            exportLocation="/casshib/shib/portal/Shibboleth.sso/GetAssertion"
            idpHistory="false" idpHistoryDays="7"
            cookieProps="; path=/casshib/shib/portal">
  </Sessions>
</ApplicationOverride>
In attribute-map.xml and attribute-policy.xml I've added "shibattr-"
as a prefix to all of the attributes.
I'm sure I'm missing something ridiculously obvious but now I think
I've been staring at it all too long and I need another pair of eyes.