Versions Compared

Old Version 6

changes.mady.by.user Rod Widdowson

Saved on

compared with

New Version Current

changes.mady.by.user Rod Widdowson

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

  • Add the script below to a page (#THIS PAGE#) where you want to have auto-login, e.g. a portal's home page.

  • In shibboleth2.xml file:

    • Either add redirectErrors="#THIS PAGE#" to the Errors element.

    • Alternatively you can set the ignoreNoPassive on your AssertionConsumerService, e.g.:

      Code Block
      languagexml
      <md:AssertionConsumerService Location="/SAML2/POST" index="1"                                        
    Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST"                                         
    conf:ignoreNoPassive="true" />

    • If you don't have an <AssertionConsumerService> but only an <SSO> element (new simplified configuration), it is enough to add a ignoreNoPassive="true" attribute to it.

  • Make sure #THIS PAGE# is protected with a lazy session (no Shibboleth session is enforced but attribute are made available to application in case a user has a session)

...