...
Apache configuration:

```apache
<Location /idp/Authn/RemoteUser>
    AuthType Basic
    AuthName "Example Identity Provider Login"
    AuthBasicProvider ldap
    AuthLDAP ...
    require valid-user
</Location>
```
Second, the RemoteUser Login Handler is configured to be triggered by a special authentication context class (the class URI shown is an example and not suitable for use):
```xml
<LoginHandler xsi:type="RemoteUser">
    <AuthenticationMethod>
        https://example.org/authenticationContext/myclass
    </AuthenticationMethod>
</LoginHandler>
```
...
shibboleth2.xml:

```xml
<SessionInitiator type="Chaining" Location="/WebDAVLogin" id="WebDAVLogin"
                  entityID="https://idp.example.org/idp/shibboleth"
                  target="https://webdav.example.org/">
    <!-- acsIndex 6: urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact -->
    <SessionInitiator type="SAML2"
                      acsIndex="6"
                      template="bindingTemplate.html"
                      outgoingBindings="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect"
                      authnContextClassRef="https://example.org/authenticationContext/myclass" />
</SessionInitiator>
```
Second, an example WebDAV resource is configured:
Apache configuration:

```apache
<VirtualHost webdav.example.org:443>
    <Location />
        Options +Indexes +MultiViews
        DAV on
        AuthType shibboleth
        ShibRequireSession On
        require valid-user
        ShibRequireSessionWith WebDAVLogin
    </Location>
</VirtualHost>
```
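The class URI that the `WebDAVLogin` SessionInitiator requests has to be the same string the RemoteUser Login Handler is triggered by. The following check is an added example, not part of the original page or of the Shibboleth software: it compares the two files and also flags a class URI still under the `example.org` placeholder host. The wrapper elements, namespace declaration and function names are assumptions made for the example.

```python
import xml.etree.ElementTree as ET
from urllib.parse import urlparse

XSI_TYPE = "{http://www.w3.org/2001/XMLSchema-instance}type"
# Constructed inputs modelled on the snippets above; the wrapper elements and
# the xsi namespace declaration are assumptions added so the XML parses.
IDP_HANDLERS = """<Handlers xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
  <LoginHandler xsi:type="RemoteUser">
    <AuthenticationMethod>
      https://example.org/authenticationContext/myclass
    </AuthenticationMethod>
  </LoginHandler>
</Handlers>"""
SP_CONFIG = """<Sessions>
  <SessionInitiator type="Chaining" Location="/WebDAVLogin" id="WebDAVLogin">
    <SessionInitiator type="SAML2"
      authnContextClassRef="https://example.org/authenticationContext/myclass"/>
  </SessionInitiator>
</Sessions>"""

def local(tag):
    return tag.rsplit("}", 1)[-1]  # drop ElementTree's '{namespace}' prefix

def handler_classes(idp_xml, handler_type="RemoteUser"):
    """Class URIs that trigger login handlers of the given xsi:type."""
    found = set()
    for el in ET.fromstring(idp_xml).iter():
        if (local(el.tag) == "LoginHandler"
                and el.get(XSI_TYPE, "").split(":")[-1] == handler_type):
            found.update((m.text or "").strip() for m in el
                         if local(m.tag) == "AuthenticationMethod")
    return found - {""}

def requested_classes(sp_xml, initiator_id):
    """authnContextClassRef values set anywhere inside the named initiator."""
    for el in ET.fromstring(sp_xml).iter():
        if local(el.tag) == "SessionInitiator" and el.get("id") == initiator_id:
            return {e.get("authnContextClassRef") for e in el.iter()
                    if e.get("authnContextClassRef")}
    return set()

def check(idp_xml, sp_xml, initiator_id="WebDAVLogin"):
    """Return (problem, uri) pairs for the classes the SP initiator requests."""
    handled, findings = handler_classes(idp_xml), []
    for uri in sorted(requested_classes(sp_xml, initiator_id)):
        if uri not in handled:
            findings.append(("unhandled", uri))    # no RemoteUser handler for it
        if urlparse(uri).hostname == "example.org":
            findings.append(("placeholder", uri))  # example URI left in place
    return findings
```

With the constructed inputs, `check(IDP_HANDLERS, SP_CONFIG)` reports only the placeholder finding; changing the URI on one side adds an `unhandled` finding.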
...
Apache configuration:

```apache
Alias /idp.example2.org /
<Location /idp.example2.org>
    ShibRequestSetting entityID https://idp.example2.org/idp/shibboleth
</Location>
Alias /idp.example3.org /
<Location /idp.example3.org>
    ShibRequestSetting entityID https://idp.example3.org/idp/shibboleth
</Location>
```
...