Grouper Users - Open Discussion List

["GW Brown, Information Systems and Computing" <>]

Kathryn,

It looks like the REMOTE_USER is not being accepted by Tomcat. The AJP 
connector in Tomcat`s servers.xml can take an attribute:
        tomcatAuthentication="false"  

If set to true, the authentication will be done in Tomcat. Otherwise, the 
authenticated principal will be propagated from the native webserver and 
used for authorization in Tomcat. The default value is true.

Hopefully this will fix your problem.

Regards,

Gary

--On 27 July 2006 09:41 -0500 Kathryn Huxtable 
<>
 wrote:

> So what do I need to do to Grouper to Shibbolize it?
>
> I have configured my Shibboleth application to return
> eduPersonPrincipalName as REMOTE_USER (the default) and have configured
> sources.xml in grouper to use eduPersonPrincipalName for the identifier.
>
> The symptom is that upon going to the Grouper URL I go through the
> Shibboleth login process and am then delivered to the Grouper page with
> the help info and the login link instead of to the top level group page.
>
> If I put 
>
>  in my tomcat-users.xml file I can log in using
> the lame password I put in that file *after* logging in via Shibboleth and
> clicking the login link.
>
> Where do I look for info on customizing this, or what do I do?
>
> -K



----------------------
GW Brown, Information Systems and Computing