...
Tested under light load on CentOS 5 (x86_64) using TCP to connect to a database on the same box. The latest ODBC driver from MySQL was used (although the installation of the RPM wasn't perfect).
The connection string looked may look like as simple as this:
| Code Block |
|---|
DRIVER=MySql;OPTION=65536 |
The cryptic OPTION argument above tells ODBC to look for MySql configuration files for connection data. Hence you should create a MySql config file (ie. /etc/mysql/conf.d/odbc.cnf) accordingly, and make it readable by the user running shibd (eg. _shibd) only.
| Code Block |
|---|
[odbc]
host = dbhost
user = shibboleth
password = secret
database = shibboleth |
Alternatively, you can also specify the DSN in the main config file, though it's insecure:
| Code Block |
|---|
DRIVER=MySQL;SERVER=sp.example.org;DATABASE=shibboleth;USER=root;PASSWORD=password |
...
| Code Block | ||||
|---|---|---|---|---|
| ||||
<SessionInitiator type="Chaining" Location="/Login" isDefault="true" id="Default"
relayState="ss:db" forceAuthn="true" entityID="">
<SessionInitiator type="SAML2" acsIndex="1" template="bindingTemplate.html"/>
</SessionInitiator>
<LogoutInitiator type="Chaining" Location="/Logout" relayState="ss:db">
<LogoutInitiator type="SAML2" template="bindingTemplate.html"/>
<LogoutInitiator type="Local"/>
</LogoutInitiator> |
...