I have been experimenting with the Shibboleth service provider v2 software, and have successfully configured Moodle 1.9 to authenticate against the TestShib identity provider. In this configuration the entityid of the TestShib IDP is hard coded into the SessionInitiator node in shibboleth2.xml.
My ultimate aim is to use Shibboleth to authenticate against shared services within a private federation, i.e. members authenticate against their identity providers to access services on my server. I do not expect a large number of members, so in the initial stages I will use a local metadata file which I will edit manually.
I have a few questions:
1. Do I need to install a full-blown discovery service on my server? Considering that the federation membership will be small, it will be quite easy for me to build a web form with a list of members for users to select their home institution.
2. If I can use a web form, can anyone point me to information on how the form will be invoked, what information it will return etc.?
3. I have installed the discovery service software, but I get a java.lang.NoClassDefFoundError. The log refers to org.apache.xerces, so I thought it could be related to the custom xerces and xalan class libraries included with the service provider software which I had copied to the tomcat/endorsed folder. I tried adding tomcat/endorsed to common.loader in catalina.properites. When that failed I copied the xalan and xerces jar files to the tomcat/lib folder, but that did not work either. Any ideas?
Any help would be greatly appreciated. I would be willing to send copies of any configuration or log files if necessary.
|