Shibboleth Developers

[Lisa Tan <>]

Nate, 

I thought Tomcat form-based authentication would overwrite Apache basic 
authentication. You are right I need to disable the basic authentication and 
remove request.tomcatAuthentication="false" from server.xml.

After restarting Apache and Tomcat, there is a very interesting thing 
happening which is I'm not seeing the login page but attributes has been 
retrieving. I think login.jsp is not placed in the correct directory. Please 
guide me where I should place the login.jsp page in Tomcat.

Thanks a lot,

Lisa
---- Original message ----
>Date: Thu, 12 Jul 2007 20:27:08 +0000
>From: Nate Klingenstein 
><>
>  
>Subject: Re: Source attributes from LDAP  
>To: 
>
>
>   Lisa,
>   If you can still login as myself/myself and you
>   tried enabling Tomcat authentication, then it's
>   likely you're using Apache's authentication and
>   bypassing everything you just did in Tomcat.  Oops.
>   :D  Try removing the /shibboleth-idp/SSO Location
>   block from your httpd.conf or other Apache
>   configuration, and also remove the
>   tomcat.requestAuthentication="false" from
>   server.xml.
>   If you have things configured properly, you should
>   see a login page and be able to authenticate against
>   your LDAP directory.  If you have them slightly
>   wrong, then you'll get some interesting error that
>   will get us to the next step.
>   Take care,
>   Nate.
>   On 12 Jul 2007, at 19:20, Lisa Tan wrote:
>
>     Now I’d like to take a little further step to
>     use our LDAP account to authenticate users. I have
>     used
>     https://spaces.internet2.edu/display/SHIB/IdPUderAuthnConfig
>     as my reference. After modifying
>     shibboleth-idp’s web.xml and Tomcat’s
>     server.xml, I couldn’t use my ldap id to
>     authenticate but I can still use myself to
>     authenticate against sp.testshib.org.