Shibboleth Developers

[Nate Klingenstein <>]

Lisa,

If you can still login as myself/myself and you tried enabling Tomcat authentication, then it's likely you're using Apache's authentication and bypassing everything you just did in Tomcat.  Oops. :D  Try removing the /shibboleth-idp/SSO Location block from your httpd.conf or other Apache configuration, and also remove the tomcat.requestAuthentication="false" from server.xml.

If you have things configured properly, you should see a login page and be able to authenticate against your LDAP directory.  If you have them slightly wrong, then you'll get some interesting error that will get us to the next step.

Take care,

Nate.

On 12 Jul 2007, at 19:20, Lisa Tan wrote:

Now I’d like to take a little further step to use our LDAP account to authenticate users. I have used https://spaces.internet2.edu/display/SHIB/IdPUderAuthnConfig as my reference. After modifying shibboleth-idp’s web.xml and Tomcat’s server.xml, I couldn’t use my ldap id to authenticate but I can still use myself to authenticate against sp.testshib.org.