Hi Tim, Yes, that wiki page is the one I used while doing the configuration. Sorry, I should have clarified that. I also looked at a number of pages on the Shibboleth wiki that seemed relevant, such as this one (https://wiki.shibboleth.net/confluence/display/SHIB2/NativeSPApacheConfig), but so far they haven't helped me to solve the problem. No matter what, I always end up being redirected to port 8080 (Tomcat) when I'm sent to the /shibboleth-login page in Dspace.
While looking into the problem, I also poked around the Dspace source code and found the line where the port is determined for the login page, but I'm not sure what I need to do to change it to 80 instead of 8080 since it's pulling it from the HttpServletRequest and not the ConfigurationManager. https://github.com/DSpace/DSpace/blob/dspace-4.1/dspace-api/src/main/java/org/dspace/authenticate/ShibAuthentication.java#L494 Bryson -----Original Message----- From: Tim Donohue [mailto:[email protected]] Sent: Wednesday, July 09, 2014 9:13 AM To: Duda, Bryson; [email protected] Subject: Re: [Dspace-tech] Shibboleth woes Hi Bryson, Just to clarify, have you seen the official 4.x documentation for setting up Shibboleth at: https://wiki.duraspace.org/display/DSDOC4x/Authentication+Plugins#AuthenticationPlugins-ShibbolethAuthentication The official docs go into some detail as to how you can configure Apache + Tomcat + mod_shib. I just wanted to be sure you are looking at the correct place in the Wiki (as you didn't mention which wiki page you were looking at) I'm pretty sure there are also some older, outdated notes others have posted elsewhere on the wiki (most of the wiki is publicly editable...but the "official docs" section is privately maintained & usually more accurate). - Tim On 7/8/2014 5:33 PM, Duda, Bryson wrote: > Hi everyone, > > I've been having some problems getting Shibboleth and Dspace to play > nice together, and I'm hoping that someone can help me see where I'm > going wrong. Our current setup is Dspace 4.1 served by Tomcat 7 (on > port > 8080) with authentication handled through Shibboleth 2.5.2 via Apache > httpd 2.4.6 (on port 80). > > The problem: After authenticating through Shibboleth, users are being > redirected directly to Tomcat, bypassing httpd. This generates an > "Authentication Failed" message since Tomcat isn't involved with the > Shibboleth authentication, only httpd is. > > Background: Everything was set up based on the Shibboleth > Authentication section of the Duraspace wiki, with one additional > change. In the shibboleth2.xml config file, I set a manual handlerURL > inside the Sessions tag. That URL ensures that requests for > /Shibboleth.sso go to httpd instead of Tomcat. I found that if I > didn't set it explicitly, I'd get a "No peer endpoint available" > Shibboleth error instead of being redirected to our institution's Single Sign > On page. > > I don't have a lot of experience with Apache or Shibboleth, so I'm > hoping that a more seasoned veteran can steer me in the right direction. > I wasn't sure what information would be pertinent, so I can certainly > provide more if needed. Thanks in advance! > > Bryson Duda > > Systems Support Specialist > > Information Systems and Technical Services University of Lethbridge > Library > > Phone: 403-332-4462 > > > > ---------------------------------------------------------------------- > -------- Open source business process management suite built on Java > and Eclipse Turn processes into business applications with Bonita BPM > Community Edition Quickly connect people, data, and systems into > organized workflows Winner of BOSSIE, CODIE, OW2 and Gartner awards > http://p.sf.net/sfu/Bonitasoft > > > > _______________________________________________ > DSpace-tech mailing list > [email protected] > https://lists.sourceforge.net/lists/listinfo/dspace-tech > List Etiquette: > https://wiki.duraspace.org/display/DSPACE/Mailing+List+Etiquette > ------------------------------------------------------------------------------ Open source business process management suite built on Java and Eclipse Turn processes into business applications with Bonita BPM Community Edition Quickly connect people, data, and systems into organized workflows Winner of BOSSIE, CODIE, OW2 and Gartner awards http://p.sf.net/sfu/Bonitasoft _______________________________________________ DSpace-tech mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/dspace-tech List Etiquette: https://wiki.duraspace.org/display/DSPACE/Mailing+List+Etiquette
