/
login.config
45 lines (32 loc) · 1.59 KB
/
login.config
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
/*
This is the JAAS configuration file used by the Shibboleth IdP.
A JAAS configuration file is a grouping of LoginModules defined in the following manner:
<LoginModuleClass> <Flag> <ModuleOptions>;
LoginModuleClass - fully qualified class name of the LoginModule class
Flag - indicates whether the requirement level for the modules;
allowed values: required, requisite, sufficient, optional
ModuleOptions - a space delimited list of name="value" options
For complete documentation on the format of this file see:
http://java.sun.com/j2se/1.5.0/docs/api/javax/security/auth/login/Configuration.html
For LoginModules available within the Sun JVM see:
http://java.sun.com/j2se/1.5.0/docs/guide/security/jaas/tutorials/LoginConfigFile.html
Warning: Do NOT use Sun's JNDI LoginModule to authentication against an LDAP directory,
Use the LdapLoginModule that ships with Shibboleth and is demonstrated below.
Note, the application identifier MUST be ShibUserPassAuth
*/
ShibUserPassAuth {
// Example LDAP authentication
// See: https://wiki.shibboleth.net/confluence/display/SHIB2/IdPAuthUserPass
edu.vt.middleware.ldap.jaas.LdapLoginModule required
ldapUrl="ldap://localhost:1389"
baseDn="ou=People,dc=example,dc=com"
ssl="false"
userFilter="uid={0}";
// Example Kerberos authentication, requires Sun's JVM
// See: https://wiki.shibboleth.net/confluence/display/SHIB2/IdPAuthUserPass
/*
com.sun.security.auth.module.Krb5LoginModule required
useKeyTab="true"
keyTab="/path/to/idp/keytab/file";
*/
};