Tech Trek: A Software Engineer's Guide to Code and Beyond

Most of the variables created by the SP are controlled by you, and correspond to mapped attributes. A few are built into the SP and can't be renamed. Variable Meaning Shib-Application-ID The  applicationId  property derived for the request. Shib-Session-ID The internal session key assigned to the session associated with the request. Shib-Identity-Provider The  entityID  of the IdP that authenticated the user associated with the request. Shib-Authentication-Instant The ISO timestamp provided by the IdP indicating the time of authentication. Shib-Authentication-Method The  AuthenticationMethod  or  <AuthnContextClassRef>  value supplied by the IdP, if any. Shib-AuthnContext-Class The  AuthenticationMethod  or  <AuthnContextClassRef>  value supplied by the IdP, if any. ...

Today, I have encountered one interesting tool in Shibboleth IdP which will check the resolver, filters and also the metadata so that you can know exactly what will happen in any given situation without starting the IdP. J As a developer, I would say it’s a great tool as you don’t have to restart your IdP again and again after every changes. The name of the tool is (Attribute Authority, Command Line Interface) ACCLI which is located in the IDP_HOME/bin directory and is called aacli.sh or aacli.bat. How it works? Make sure, you have set IDP_HOME to your system environment variable. To check what all attribute it will return for userId SysAdmin and Service Provider EntityId “https://domain.waheedtechblog.com/shibboleth”) aacli.bat --configDir=C:\idp\conf\ --principal=SysAdmin --requester=https://domain1.com/Shibboleth Please check here for detail information.

Scenario: I have an Apache Server(SSL enabled) and tomcat running on my machine and there is one application (app1) hosted on tomcat which is only accessible from Apache Server. You cannot access it directly from tomcat. Now you want to access app1 using multiple domains i.e. domain1.waheedtechblog.com annd domain2.waheedtechblog.com should point to the same application which is hosted on tomcat. (I want to implement different Authentication mechanism based on different domains) Solution: The above case can be achieved using NameBased VirtualHosts and SSL. First you need to uncomment following lines form ${apache}/conf/httpd.conf file LoadModule ssl_module modules/mod_ssl.so LoadModule proxy_module modules/mod_proxy.so LoadModule proxy_ajp_module modules/mod_proxy_ajp.so LoadModule rewrite_module modules/mod_rewrite.so LoadModule proxy_http_module modules/mod_proxy_http.so Include conf/extra/httpd-ssl.conf then goto ${apache}/conf/extra/httpd-ssl.co...

I have already discussed how to generate SSL certificate using keytool over here . In this article, I am going to explain how can you achieved the same thing using OpenSSL tool. The three differnet files that I am going to generate i.e. : waheedtechblog.key waheedtechblog.csr waheedtechblog.crt Generate Private key : waheedtechblog.key openssl genrsa -des3 -out waheedtechblog.key 1024 Generate a Certificate Signing Request (CSR) Using above generated key file, We will now create the CSR file openssl req -new -key waheedtechblog.key -out waheedtechblog.csr Generate a Self-Signed SSL Certificate openssl x509 -req -days 365 -in waheedtechblog.csr -signkey waheedtechblog.key -out waheedtechblog.crt These file can be used to enable SSL in Apache Server. Sometime, we need to remove passphrase to run key in Apache Server, if you get such issue while enabling SSL in Apache Server then run following command to remove p...

1. Introduction Shibboleth is standards-based, open source middleware software which provides web single sign-on across or within organizational boundaries. It allows sites to make informed authorization decisions for individual access of protected online resources in a privacy-preserving manner. Shibboleth Identity Provider supports the SAML2 specification and is therefore ideal for use with Zendesk. This document will describe the steps required to configure Shibboleth 2.0 Identity Provider to achieve single sign-on with Zendesk. 2. Install Shibboleth IdP The V2 Shibboleth Identity Provider is a standard Java web application based on the Servlet 2.4 specification and should run for the most part in any compatible servlet container. For this setup, I am going to use Apache Tomcat 7. Install and configure Apache tomcat 7 Download the Shibboleth Identity Provider (V2.4.4) software package. Unzip the archive and uncomment <security-constraint>, <login-config...

Steps to install and configure Maven on CentOS Download the tar.gz file from Apache Maven site Untar the file at some location (Eg: /opt/maven) tar x z f <filename> Add the environment variable to ~/.bash_profile file cd $HOME vi ~/.bash_ profile Append PATH variable with maven path Add M2_HOME variable export M2_HOME Save and restart your system Verify maven installation mvn --version

Here are the steps to install and configure Apache Tomcat 7 on Cent OS : Make sure you have JAVA 6 or later version installed on your machine. Java --version Download Tomcat7 Archive wget http://www.us.apache.org/dist/tomcat/tomcat-7/v7.0.64/bin/apache-tomcat-7.0.64.tar.gz Untar it at some location (eg: /opt/tomcat7) tar xzf apache-tomcat-7.0.64.tar.gz Start the tomcat (bydefault it will start at port 8080) sh /opt/tomcat7/bin/startup.sh Verify Apache Tomcat Server Goto your browser and check http:// localhost: 8080 or http://127.0.0.1:8080 Stop the tomcat sh /opt/tomcat7/bin/shutdown.sh [Optional] To access admin|manager pages, you need to create user accounts. Add below lines inside <tomcat-users></tomcat-users> tags in ${tomcat7}/conf/tomcat-users.xml file. <role rolename="manager-gui"/> <user username="manager...