November 23, 2008, 12:16
There was an issue in the new version of Shibboleth IdP 2.1 causing some custom settings of the LDAP data connector to be ignored. To be more specific, the poolMaxSize, searchTimeLimit and maxResultSize attributes were affected. It has been fixed in the subversion repository, but at this time, no new version has been scheduled for release.
Building the IdP from source is very easy, just follow the instructions (at the bottom of the page). However, at this time there is still a small issue. Before running the “mvn -DskipTests install” command, open the java-idp-main/java-idp/pom.xml file and change the version of the shibboleth-common library from 1.1.0 to 1.1.1 in the dependency section. Otherwise, the older version is being packed instead of the fixed one.
November 7, 2008, 19:47
DokuWiki is a standards compliant, simple to use Wiki, mainly aimed at creating documentation of any kind. It is targeted at developer teams, workgroups and small companies. It has a simple but powerful syntax which makes sure the datafiles remain readable outside the Wiki and eases the creation of structured texts. All data is stored in plain text files – no database is required. (description taken from DokuWiki homepage)
The Shibboleth System is a standards based, open source software package for web single sign-on across or within organizational boundaries. It allows sites to make informed authorization decisions for individual access of protected online resources in a privacy-preserving manner.
Making DokuWiki authenticate through Shibboleth is fairly easy due to the extensible DokuWiki authentication framework, which allows using different authentication backends easily. The Shibboleth backend itself only needs to check for some environment variables and determine user’s username and info.
You can get more information and download the backend at its homepage:
Dokuwiki Shibboleth Authentication Backend
Feel free to comment.
November 4, 2008, 14:42
There are some other issues in the new version of Shibboleth IdP. Though, they may be too specific, to affect the wider audience.
Due to a bug, it is not possible to set the maximum number of results returned by the LDAP DataConnector. The value of the corresponding attriubute maxResultSize is being ignored and the default value of 1 is used instead:
https://bugs.internet2.edu/jira/browse/SIDP-246
Normally it is a desired behaviour – one result set per user. But in case of a secondary connector used for gathering additional information like, for example, group information, more results may be expected. So if you use such connectors, do not upgrade to 2.1.0 until there is a fix.
The second issue is rather small and affects only IdPs using the UserPassword authentication handler with a custom login page. The Java API has been changed, so you need to replace all request.getParameter() calls with request.getAttribute() in your templates (login.jsp).
November 3, 2008, 17:40
A new version of Shibboleth Identity Provider is available. It fixes a vulnerability in the UsernamePassword login handler, but it contains some new features as well. Obviously, the new version was released in a hurry, because there are some issues with the installer – apparently it overwrites the old configuration even if the user selects no to. A new installer is being planned for the next release.
Continue reading ‘Shibboleth IdP 2.1 is out’ »
