Yves Agostini > Jifty-Plugin-Authentication-ModShibb-0.03 > Jifty::Plugin::Authentication::ModShibb

Download:
Jifty-Plugin-Authentication-ModShibb-0.03.tar.gz

Dependencies

Annotate this POD

View/Report Bugs
Module Version: 0.03   Source  

NAME ^

Jifty::Plugin::Authentication::ModShibb - Shibboleth auth. plugin for Jifty

DESCRIPTION ^

This may be combined with the Jifty::Plugin::User plugin to provide user authentication using Shibboleth web single sign-on. The Shibboleth System is a standards based software package for web single sign-on across or within organizational boundaries. It supports authorization and attribute exchange using the OASIS SAML protocol. Jifty::Plugin::Authentication::ModShibb requires a shibd service provider which will set required attributes in environment variables.

CONFIG ^

 in etc/config.yml

  Plugins: 
    - Authentication::ModShibb:
       mapping:                           # jifty column : shibboleth attribute
         shibb_id: eppn
         email: email
         name: displayName
       authz:  $ENV{'primary_affiliation'} eq 'employee' # shibboleth attribute : value

shibb_id is mandatory and must provide a distinct id for each user

name is highly recommended to display feedback for users

email is highly recommended if you mix shibboleth authentication and other jifty authentication plugins

add in your User Model

 use Jifty::Plugin::Authentication::ModShibb::Mixin::Model::User;

apache

   <Location />
    AuthType shibboleth
    Require shibboleth
   </Location>
     
  <Location /shibblogin>
    ShibRequestSetting applicationId uads
    AuthType shibboleth
    ShibRequestSetting requireSession 1
    require valid-user
   </Location>

For debugging idp and sp config you can add an apache authentication on /shibb_test location.

METHODS ^

prereq_plugins

This plugin depends on the User plugin.

init

load config

SEE ALSO ^

Jifty::Manual::AccessControl, Jifty::Plugin::User, Shibboleth::SP

AUTHOR ^

Yves Agostini, <yvesago@cpan.org>

LICENSE ^

Copyright 2011, Yves Agostini <yvesago@cpan.org>.

This program is free software and may be modified and distributed under the same terms as Perl itself.

syntax highlighting: