
I am a novice with Shibboleth and I am trying to use LDAP with it. I have tried a lot but could not make it work. Can anyone tell me what the AttributeDefinition, DataConnector and login.config should be for the following Java code, which is working fine? Please help.

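   // JNDI environment for a "simple" bind to the directory as <username>@samplehro.india.
   // With simple authentication JNDI switches to an anonymous bind ("none") when the
   // credentials are null or empty, and that bind typically succeeds whatever the username
   // is. Reject the case before this environment is used to decide a login.
   // NOTE(review): assumes password is a String; confirm against the enclosing method.
   if (password == null || password.isEmpty()) {
       throw new IllegalArgumentException("LDAP password must not be empty");
   }

   // Base DN under which entries are searched once the context has been created.
   String ldapSearchBase = "dc=samplehro,dc=india";

   // Typed instead of the raw Hashtable; InitialDirContext accepts Hashtable<?, ?>.
   Hashtable<String, Object> env = new Hashtable<>();
   env.put(Context.INITIAL_CONTEXT_FACTORY, "com.sun.jndi.ldap.LdapCtxFactory");
   // Read timeout in milliseconds; it bounds replies only, not the initial connect.
   env.put("com.sun.jndi.ldap.read.timeout", "4000");
   // ldap:// combined with a simple bind sends the password unencrypted. Prefer ldaps://
   // (or StartTLS) once the JVM trusts the directory server's certificate.
   env.put(Context.PROVIDER_URL, "ldap://smplchn-adsvr.samplehro.india");
   env.put(Context.SECURITY_AUTHENTICATION, "simple");
   // Bind as the user principal name built from the supplied login name.
   env.put(Context.SECURITY_PRINCIPAL, username + "@samplehro.india");
   env.put(Context.SECURITY_CREDENTIALS, password);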

1 Answer


The accepted answer is a link-only answer and the link is dead, so here is one that essentially just copies an example from the official Shibboleth documentation:

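<!-- Put in attribute-resolver.xml, inside the resolver's root element.
     Every %{...} value is read from the IdP's property files; the text after ':' is
     the default used when the property is not set. -->
<!-- principal / principalCredential are the DN and password of the service account the
     IdP binds with. Keep the password in a properties file that only the IdP service
     user can read, and give the account read-only access to the attributes it resolves.
     trustFile holds the certificate(s) used to verify the directory server; with
     useStartTLS left at its default of true the bind and the lookups are encrypted. -->
<DataConnector id="myLDAP" xsi:type="LDAPDirectory"
    ldapURL="%{idp.attribute.resolver.LDAP.ldapURL}"
    baseDN="%{idp.attribute.resolver.LDAP.baseDN}"
    principal="%{idp.attribute.resolver.LDAP.bindDN}"
    principalCredential="%{idp.attribute.resolver.LDAP.bindDNCredential}"
    trustFile="%{idp.attribute.resolver.LDAP.trustCertificates}"
    useStartTLS="%{idp.attribute.resolver.LDAP.useStartTLS:true}"
    noResultIsError="%{idp.attribute.resolver.LDAP.noResultsIsError:false}"
    multipleResultsIsError="%{idp.attribute.resolver.LDAP.multipleResultsIsError:true}">
    <!-- Search filter used to locate the user's entry; more than one match is treated
         as an error because multipleResultsIsError defaults to true. -->
    <FilterTemplate>
        <![CDATA[
            %{idp.attribute.resolver.LDAP.searchFilter}
        ]]>
    </FilterTemplate>
    <!-- name1 / name2 are placeholders from the documentation example for extra LDAP
         provider properties; delete them unless you have real properties to set. -->
    <LDAPProperty name="name1" value="%{idp.attribute.resolver.LDAP.prop1}"/>
    <LDAPProperty name="name2" value="%{idp.attribute.resolver.LDAP.prop2}"/>
    <!-- Optional: client key and certificate the IdP presents to the directory during
         StartTLS. Leave this element out when the directory does not ask for
         client-certificate authentication; if it is used, the private key file must be
         readable by the IdP service user only. -->
    <StartTLSAuthenticationCredential id="IdPtoLDAPCredential"
        xsi:type="security:X509Filesystem"
        xmlns:security="urn:mace:shibboleth:2.0:security">
        <security:PrivateKey>%{idp.attribute.resolver.LDAP.authenticationKey}</security:PrivateKey>
        <security:Certificate>%{idp.attribute.resolver.LDAP.authenticationCertificate}</security:Certificate>
    </StartTLSAuthenticationCredential>
</DataConnector>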
rlandster