...
Code Block | ||
---|---|---|
| ||
ShibUserPassAuth {
// See: https://spaces.internet2.edu/display/SHIB2/IdPAuthUserPass
//kerberos authentication to assure username/password are valid
//ensure that native kerberos is configured
com.sun.security.auth.module.Krb5LoginModule requisite
useKeyTab="true"
keyTab="/opt/shibboleth-idp/credentials/keytab";
// LDAP authentication to assure user belongs to OU XYZ
edu.vt.middleware.ldap.jaas.LdapLoginModule required
ldapUrl="ldap://ldap.example.org:389"
ssl="false"
tls="false"
baseDn="ou=users,dc=example,dc=org"
subtreeSearch="true"
userFilter="sAMAccountName={0}"
bindDn="<ldapservicedn>"
bindCredential="<password>";
};
|
...