Versions Compared


  • This line was added.
  • This line was removed.
  • Formatting was changed.


Tested under light load on CentOS 5 (x86_64) using TCP to connect to a database on the same box. The latest ODBC driver from MySQL was used (although the installation of the RPM wasn't perfect).

The connection string looked may look like as simple as this:

Code Block

The cryptic OPTION argument above tells ODBC to look for MySql configuration files for connection data. Hence you should create a MySql config file (ie. /etc/mysql/conf.d/odbc.cnf) accordingly, and make it readable by the user running shibd (eg. _shibd) only.

Code Block
host = dbhost
user = shibboleth
password = secret
database = shibboleth

Alternatively, you can also specify the DSN in the main config file, though it's insecure:

Code Block


Code Block
            <SessionInitiator type="Chaining" Location="/Login" isDefault="true" id="Default"
                    relayState="ss:db" forceAuthn="true" entityID="">
                <SessionInitiator type="SAML2" acsIndex="1" template="bindingTemplate.html"/>

            <LogoutInitiator type="Chaining" Location="/Logout" relayState="ss:db">
                <LogoutInitiator type="SAML2" template="bindingTemplate.html"/>
                <LogoutInitiator type="Local"/>