Shibboleth Developers

["Leung, Warren" <>]

Hi

Currently we are running version 2.5.2 of Confluence and have integrated
it successfully with Shibboleth.  If a user is required to authenticate
before viewing confluence, everything seems to be fine.  However if we
set it up so that we would want to use lazy sessions, issues arise.
Once a user hits our confluence site and tries to login a session
creation error occurs.  Below are some of our configurations.

         
shibboleth.xml

<Path name="confluence" authType="shibboleth" requireSession="false"/>

         
httpd.conf

<Location /confluence>
 AuthType shibboleth
 require shibboleth
</Location>

httpd.conf
#This hackery is to get around an incompatibility between lazy sessions
and the servlet cookie detection mechanism
RewriteRule ^/Shibboleth.sso/Login;jsessionid.*$ /Shibboleth.sso/Login
[R,NE]

seraph-config.xml
<param-name>login.url</param-name>
<param-value>https://www.site.com/Shibboleth.sso/Login?target=${original
url}</param-value>
<param-name>link.login.url</param-name>
<param-value>https://www.site.com/Shibboleth.sso/Login?target=${original
url}</param-value>

         
These configuration values are basically the same as the values under
the spaces site/guide on Shibbloized Confluence.

Thanks

Warren