Page Comparison

ShibUserPassAuth {

// See: https://spaces.internet2.edu/display/SHIB2/IdPAuthUserPass

//kerberos authentication to assure username/password are valid
//ensure that native kerberos is configured
   com.sun.security.auth.module.Krb5LoginModule requisite
      useKeyTab="true"
      keyTab="/opt/shibboleth-idp/credentials/keytab";

// LDAP authentication to assure user belongs to OU XYZ
   edu.vt.middleware.ldap.jaas.LdapLoginModule required
      ldapUrl="ldap://ldap.example.org:389"
      ssl="false"
      tls="false"
      baseDn="ou=users,dc=example,dc=org"
      subtreeSearch="true"
      userFilter="sAMAccountName={0}"
      bindDn="<ldapservicedn>"
      bindCredential="<password>";

};