Skip to Content.
Sympa Menu

shibboleth-dev - Re: [Shib-Dev] Writing an IDP extension

Subject: Shibboleth Developers

List archive

Re: [Shib-Dev] Writing an IDP extension


Chronological Thread 
  • From: André Cruz <>
  • To:
  • Subject: Re: [Shib-Dev] Writing an IDP extension
  • Date: Tue, 14 Oct 2008 18:15:35 +0100
Hello.

I'm having problems referencing my custom login handler from handlers.xml...
The root cause of this error was: cvc-elt.4.2: Cannot resolve 'sapo:SAPOMemcache' to a type definition for element 'LoginHandler'.

handlers.xml:
    <LoginHandler xmlns:sapo="urn:mace:sapo.pt:shibboleth:memcache:authn" xsi:type="sapo:SAPOMemcache">
        <AuthenticationMethod>urn:oasis:names:tc:SAML:2.0:ac:classes:unspecified</AuthenticationMethod>
    </LoginHandler>

I already tried without the namespace specification but the result is the same...

schema/memcache-handler.xsd:
        elementFormDefault="qualified">

    <xsd:import namespace="urn:mace:shibboleth:2.0:idp:profile-handler"
            schemaLocation="classpath:/schema/shibboleth-2.0-idp-profile-handler.xsd" />

    <xsd:complexType name="SAPOMemcache">
        <xsd:complexContent>
            <xsd:extension base="ph:LoginHandlerType">
               <xsd:attribute name="protectedServletPath" type="xsd:string" default="/Authn/RemoteUser">
                    <xsd:annotation>
                        <xsd:documentation>
                            The servlet context path to the
                            edu.internet2.middleware.shibboleth.idp.authn.provider.RemoteUserAuthServlet instance
                            protected by the container or web server.
                        </xsd:documentation>
                    </xsd:annotation>
                </xsd:attribute>
            </xsd:extension>
        </xsd:complexContent>
    </xsd:complexType>

</schema>

spring.handlers:
urn\:mace\:sapo.pt\:shibboleth\:memcache\:authn = pt.sapo.shibboleth.authn.config.MemcacheNamespaceHandler

spring.schemas:
urn\:mace\:sapo.pt\:shibboleth\:memcache\:authn = schema/memcache-handler.xsd



Any ideas?

Best regards,
André

On Oct 9, 2008, at 6:57 PM, Chad La Joie wrote:



André Cruz wrote:
In this case I'm writing a LoginHandler.

Regarding the LoginContext, I use it to know if forceAuth or isPassive
is requested. Is there other fields that I should take into account?

Not that I can think of.  And you really shouldn't need to worry about
those too unless you're integrating with an existing SSO system where
you need to change the behavior of the system based on those settings.
By default, as long as your handler truthfully reports if supports
forceAuth and passive auth the IdP will take care of the rest.

Do I need to set any fields in it besides setting the attributes in the
httpRequest (PRINCIPAL_NAME_KEY, SUBJECT_KEY, etc)?

You don't have to, there are a couple optional fields you can set
though.  Take a look at the Javadoc on the LoginHandler interface
currently in the head of the REL_2 branch (this is what will ship with
2.1 and what you should be developing against).
--
SWITCH
Serving Swiss Universities
--------------------------
Chad La Joie, Software Engineer, Net Services
Werdstrasse 2, P.O. Box, 8021 Zürich, Switzerland
phone +41 44 268 15 75, fax +41 44 268 15 68
, http://www.switch.ch



Archive powered by MHonArc 2.6.16.

Top of Page