https://connect.hyland.com/t5/nuxeo-forum/shibboleth-configuration/m-p/314450#M1451 <P>Hello,</P> <P>I'm trying to use Shibboleth but have some issues. My configuration :</P> <UL> <LI>Apache 2.2 with mod_proxy. A virtual host and inside the virtual host a location /nuxeo protected by shibboleth (i.e AuthType shibboleth). Inside this virtual host a ProxyPass directive to the tomcat nuxeo using ajp.</LI> <LI>A SP installed on the same machine</LI> <LI>and finally on the same machine, my nuxeo 5.5 with a template embedding the 2 shibboleth plugins (login and group)</LI> </UL> <P>The flow when I'm accessing the https://<SERVERNAME>/nuxeo/ is : 1- Apache check Shibboleth access : A) first time no access so I'm being redirected to the DiscoveryService then to the B) Login page. C) After log in the browser is redirected to the Discovery Service. If I inspect the /Shibboleth.sso/Session on my SP I saw an active session... It's like Apache is OK with the authentification, pass the request to Nuxeo which doesn't find the shibboleth session and ask me to login. (using the loginURL provided in the <EXTENSION target="org.nuxeo.ecm.platform.shibboleth.service.ShibbolethAuthenticationService">).</EXTENSION></SERVERNAME></P> <P>What do I put in the loginURL tag ?</P> <P>I don't really understand why ? If someone can explain the cause and the solution, thanks in advance.</P> Wed, 31 Oct 2012 22:43:16 GMT Kahlua_ 2012-10-31T22:43:16Z https://connect.hyland.com/t5/nuxeo-forum/shibboleth-configuration/m-p/314450#M1451 <P>Hello,</P> <P>I'm trying to use Shibboleth but have some issues. My configuration :</P> <UL> <LI>Apache 2.2 with mod_proxy. A virtual host and inside the virtual host a location /nuxeo protected by shibboleth (i.e AuthType shibboleth). Inside this virtual host a ProxyPass directive to the tomcat nuxeo using ajp.</LI> <LI>A SP installed on the same machine</LI> <LI>and finally on the same machine, my nuxeo 5.5 with a template embedding the 2 shibboleth plugins (login and group)</LI> </UL> <P>The flow when I'm accessing the https://<SERVERNAME>/nuxeo/ is : 1- Apache check Shibboleth access : A) first time no access so I'm being redirected to the DiscoveryService then to the B) Login page. C) After log in the browser is redirected to the Discovery Service. If I inspect the /Shibboleth.sso/Session on my SP I saw an active session... It's like Apache is OK with the authentification, pass the request to Nuxeo which doesn't find the shibboleth session and ask me to login. (using the loginURL provided in the <EXTENSION target="org.nuxeo.ecm.platform.shibboleth.service.ShibbolethAuthenticationService">).</EXTENSION></SERVERNAME></P> <P>What do I put in the loginURL tag ?</P> <P>I don't really understand why ? If someone can explain the cause and the solution, thanks in advance.</P> Wed, 31 Oct 2012 22:43:16 GMT https://connect.hyland.com/t5/nuxeo-forum/shibboleth-configuration/m-p/314450#M1451 Kahlua_ 2012-10-31T22:43:16Z