The Shibboleth V2 IdP and SP software have reached End of Life and are no longer supported. This documentation is available for historical purposes only. See the IDP v4 and SP v3 wiki spaces for current documentation on the supported versions.

IdP Infocard Prerequisites

Owned by Former user (Deleted)
Last updated: Aug 03, 2009 by ndk@internet2.eduVersion comment

Prerequisites

This extension is in its alpha stage. As such your experience may not be completely free from consternation. You are expected to have a working knowledge of Shibboleth and Tomcat (or JBoss, whatever you use), and also:

  • An installed Shibboleth 2.x IdP
  • A SQL database of some sort (one that JDBC wrks with). This data base will be use to support the authentication method that allows a user to use a personal card to authenticate a managed card. Define a "personalcards" table with three text columns: id, ppid, pubkey.
  • A program to generate card images. These are 250x167 png images. You can stream a static png file or generate a custom image using, for example (netpbm required): 
    #!/bin/bash
# $1 = card_id : username
cardid="$1"
id="${cardid##*:}"
src=<some_dir>/card_background.ppm
mask=<some_dir>/$1.mask
pbmtext -font $font $id > $mask
pnmdepth 255 $mask | \
   ppmchange black linen | \
   pnmcomp -xoff=-20 -yoff=116 -alpha $mask -invert - $src | \
   pnmtopng
    If you can be content with the default card image, probably dependent on the Identity Selector, you can skip this step.
  • A JAAS configuration that will authenticate a userid and password. This is required regardless of whether or not you use tomcat for SSO authentication. Authentication of Infocards is backdoor and no browser is directly involved.