On Wed, Jan 06, 2016 at 11:34:21AM +0000, John Horne wrote:
> On Wed, 2016-01-06 at 11:06 +0000, Andy Swiffin (Staff) wrote:
> > Hi
> >
> > It’s been very quiet here, particularly concerning discussions wrt to
> > IdP V3. Is this because it’s so straightforward that everybody has
> > just migrated and never said anything?
> >
> > I’d be interested to hear how many have migrated, how many have plans
> > to migrate and when and what your experience was.
> >
> I am currently looking at IdPv3 on a test server, with the view to
> going live during the Summer break. In particular I'm looking at using
> Jetty rather than our current Apache/Tomcat setup.
>
> I have no previous experience of Jetty, but at the moment I have
> version 9.3.6 working with access to ports 80, 443 and 8443, and
> recognising that the IdP is there (but it doesn't do anything). It
> (Jetty) is delivering static text files with no problems (we need this
> for something else). Just before Xmas I was getting the Jetty logging
> working, and will next look at security (to see if there is anything
> especific we should do).
>
> Once I'm happy with the Jetty setup, then I'll look into configuring
> the IdP based on our existing IdPv2 settings. I suspect that will be
> the hard part. I currently have version 3.2.0 installed on the server,
> but will update to 3.2.1 before reconfiguration.
For what it's worth, I started down the Jetty route and was warned off
it when I was trying to use REMOTE_USER (to let Apache do the auth) by
someone on the Shibboleth-Users group:
http://shibboleth.1660669.n2.nabble.com/Jetty-REMOTE-USER-td7618912.html
--
Matthew Slowe | Server Infrastructure Officer
IT Infrastructure, Information Services, University of Kent
Room S21, Cornwallis South
Canterbury, Kent, CT2 7NZ, UK
Tel: +44 (0)1227 824265
www.kent.ac.uk/is | @UnikentUnseenIT | @UKCLibraryIt
PGP: https://keybase.io/fooflington
|