Versions Compared

Old Version 1

changes.mady.by.user Former user

Saved on

compared with

New Version Current

changes.mady.by.user Former user

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.
Comment: Migrated to Confluence 5.3

The Shibboleth 2.0 SP Infocard plugin adds a session initiator and
assertion consumer service to support Information Card login.

Session Initiator

An infocard login is triggered by the submission of a form
containing either an application/x-informationcard object or
an ic:informationCard XHTML element. This form also identifies
all attributes that are required or are optional. The plugin's
configuration requires specification of a page template for
this form. It can be set to auto-submit. For example:

...

A session initiator element for infocard might look like:

Code Block
xml
xml

 
<!-- InfoCard service. -->
     <SessionInitiator type="InfoCard"
        template="/usr/local/shib-R20/etc/shibboleth/infocard1.html"/>
  • The initiator's id attribute
    can be referenced by a .htaccess or Location apache
    configuration ShibRequireSessionWith directive to request infocard login.

Assertion Consumer Service

The target of the posted login form is the infocard plugin's assertion
consumer service, configured:

Code Block
xml
xml

   
<!-- InfoCard consumer -->
    <md:AssertionConsumerService Location="/SAML/InfoCard" index="5"
        Binding="InformationCard"/>

...

  • Decrypts the assertion, which has been encrypted with the
    public key of one of the SP's certificates.

...