Versions Compared

Old Version 43

changes.mady.by.user Robert A Basch

Saved on

compared with

New Version 44

changes.mady.by.user Robert A Basch

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

Panel

Once your SP is properly registered with the IdP, you can test your SP's configuration by visiting either the Shibboleth handler's session initiation location (https://myhost/Shibboleth.sso/Login if using the standard configuration generated by gen-shib2.sh), or a resource protected in your Apache configuration or Shibboleth request map, e.g. https://myhost/secure. After you have authenticated successfully, you can then visit https://myhost/Shibboleth.sso/Session to display the Shibboleth session information. For example:

No Format

Miscellaneous
Client Address: 18.18.4.152
Identity Provider: https://idp.mit.edu/shibboleth
SSO Protocol: urn:oasis:names:tc:SAML:2.0:protocol
Authentication Time: 2011-02-02T17:48:17.644Z
Authentication Context Class: urn:oasis:names:tc:SAML:2.0:ac:classes:Kerberos
Authentication Context Decl: (none)
Session Expiration (barring inactivity): 479 minute(s)

Attributes
affiliation: 1 value(s)
displayName: 1 value(s)
eppn: 1 value(s)
mail: 1 value(s)
nickname: 1 value(s)
primary-affiliation: 1 value(s)
unscoped-affiliation: 1 value(s)

, including a list of the available attributes. To include the attribute values in this display, edit shibboleth2.xml, and set the handler's showAttributeValues property to "true":

No Format
    <!-- Session diagnostic service. -->
    <Handler type="Session" Location="/Session" showAttributeValues="true"/>

...