[Dspace-devel] [DuraSpace JIRA] (DS-1503) ShibAuthentication depends on use of non-recommended Apache UseHeaders setting

[Tim Donohue (DuraSpace JIRA)]

Title: Message Title

Tim Donohue commented on an issue   Re: ShibAuthentication depends on use of non-recommended Apache UseHeaders setting Hardy, please make sure to update our 4.x documentation. This is currently not documented properly in the 4.0 Documentation, which explicitly says that "ShibUseHeaders On" is required: https://wiki.duraspace.org/display/DSDOC4x/Authentication+Plugins#AuthenticationPlugins-Apache"mod_shib"Configuration(required) I'm personally not sure what all doc changes are needed. It sounds like we need to better document how to get DSpace working with the "ShibUseHeaders Off" setting (based on whether you are using mod_proxy_ajp or mod_jk). Add Comment   DSpace / DS-1503 ShibAuthentication depends on use of non-recommended Apache UseHeaders setting ShibAuthentication has a method findHeader that checks the request header for an attribute (like mail address, first name, last name). Pulling attributes from the header is not recommended per Shibboleth documentation and is *not* the default: ShibUseHeaders On|Off Defaults to "Off", this turns on the use of request headers to publish attributes to... This message was sent by Atlassian JIRA (v6.1.1#6155-sha1:7188aee)

------------------------------------------------------------------------------
Managing the Performance of Cloud-Based Applications
Take advantage of what the Cloud has to offer - Avoid Common Pitfalls.
Read the Whitepaper.
http://pubads.g.doubleclick.net/gampad/clk?id=121051231&iu=/4140/ostg.clktrk
_______________________________________________
Dspace-devel mailing list
Dspace-devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/dspace-devel