Page Comparison

...

The beans defined in authn/jaas-authn-config.xml follow:

Bean ID	Type	Default	Function
JAASConfig	String	%{idp.home}/conf/authn/jaas.config	Defines a Spring Resource containing the JAAS config. Normally this just points to a file in the filesystem
shibboleth.authn.JAAS.JAASConfigURI	java.net.URI	JAASConfig.URI	Defines the URI object containing the JAAS configuration
shibboleth.authn.JAAS.LoginConfigNames	Collection<String>	[ "ShibUserPassAuth" ]	Simple list of JAAS application configuration names to use
shibboleth.authn.JAAS.LoginConfigurations^3.3	Collection<Pair<String,Subject>>

Static list of JAAS application

configuation

configuration names along with mappings to custom Principals
shibboleth.authn.JAAS.LoginConfigStrategy^3.3	Function (see above)

For advanced use, you can inject a function to supply at runtime the information that the previous bean would supply statically

V2 Compatibility

JAAS configuration is independent of the IdP and is therefore identical with the use of JAAS in the V2 UsernamePassword handler. By default this configuration is placed in authn/jaas.config and the legacy-matching "ShibUserPassAuth" login configuration name is used (though this can be changed).

...

This is not a comprehensive list, but it does include the most commonly used configuration arguments.

vt-ldap	ldaptive	comments
ldapUrl	ldapUrl


host	N/A	use ldapUrl
port	N/A	use ldapUrl
timeout	connectTimeout


N/A	responseTimeout


baseDn	baseDn


base	N/A	use baseDn
tls	useStartTLS


ssl	useSSL


sslSocketFactory	credentialConfig


userField	N/A	use userFilter
userFilter	userFilter


subtreeSearch	subtreeSearch


authorizationFilter	N/A


constructDn	N/A	use dnResolver
allowMultipleDns	allowMultipleDns


bindDn	bindDn


serviceUser	N/A	use bindDn
bindCredential	bindCredential


serviceCredential	N/A	use bindCredential
dnResolver	dnResolver


userRoleAttribute	userRoleAttribute

...

Notes

TBD

Versions Compared

Old Version 9

New Version Current

Key

V2 Compatibility

Notes