Navigation:
Documentation
Archive



Page Tree:

Child pages
  • Shibboleth SP Installation and Configuration for Bamboo Trust Federation Clients

This wiki space contains archival documentation of Project Bamboo, April 2008 - March 2013.

Skip to end of metadata
Go to start of metadata

Overview

SAML 2.0 is the lingua franca for Authentication messages passed between participants in the Bamboo Trust Federation. In phase one of the Bamboo Technology Project, the Bamboo-deployed participants were enabled to 'speak SAML' through installation of Shibboleth SP (Shibboleth Service Provider). Institutional Identity Providers tested during the project included Shibboleth installations at U. Wisconsin - Madison and UC Berkeley. Social media identity providers tested during the project were mediated by a Social/SAML gateway, described on the page Social/SAML Gateway to enable social media identity provision.

This wiki page describes in a focused recipe the installation and configuration of Shibboleth SP for participation in the Bamboo Trust Federation; authoritative documentation on the Shibboleth web site is referenced. The recipe assumes that installation is being performed on a CentOS 5/6 Linux server; minor differences will apply when installing atop a different operating system.

It is important to note that in addition to installation of software on the client, metadata must be exchanged with other participants in the Bamboo Ecosystem, including the Social/SAML gateway and any institutional identity providers to which the client application's users will authenticate. Metadata exchange to within the Bamboo Ecosystem is described on the pages Maintaining SAML Metadata that establishes a Trust Federation and Maintaining Application Catalog Data for Trusted Clients; each of these presupposes client certificate generation and exchange, documented in the Certificate Exchange section of Configure Apache Web Server for Client Auth.

Installation of Shibboleth SP

Follow the instructions at: https://wiki.shibboleth.net/confluence/display/SHIB2/NativeSPLinuxRPMInstall

Begin at the section "Installing via Yum"

These instructions assume that the Apache Web Server (httpd) is already installed on the server.

1. Copy CentOS 5/6 yum repo file contents from http://download.opensuse.org/repositories/security://shibboleth/CentOS_CentOS-6/security:shibboleth.repo then paste into and save to new file /etc/yum.repos.d/security-shibboleth.repo

# cat /etc/yum.repos.d/security-shibboleth.repo

[security_shibboleth]
name=Shibboleth (CentOS_CentOS-6)
type=rpm-md
baseurl=http://download.opensuse.org/repositories/security:/shibboleth/CentOS_CentOS-6/
gpgcheck=1
gpgkey=http://download.opensuse.org/repositories/security:/shibboleth/CentOS_CentOS-6/repodata/repomd.xml.key
enabled=1

 

2. Install Shibboleth SP

yum install shibboleth.x86_64

3. Follow "After Installation" instructions at https://wiki.shibboleth.net/confluence/display/SHIB2/NativeSPLinuxRPMInstall

4. Enable Shibboleth (shibd) to add entries to native.log, by giving apache ownership of the httpd directory in /var/log:

chown apache /var/log/httpd

shibd should now be installed, logging and ready for use:

# /sbin/service shibd start

Starting shibd (via systemctl): [ OK ]

5. Create file containing the installation-time-generated metadata

[root@bsp-test userx]# wget --no-check-certificate https://127.0.0.1/Shibboleth.sso/Metadata

--2012-06-01 09:30:29-- https://127.0.0.1/Shibboleth.sso/Metadata
Connecting to 127.0.0.1:443... connected.
WARNING: certificate common name "*.projectbamboo.org" doesn't match requested host name "127.0.0.1".
HTTP request sent, awaiting response... 200 OK
Length: 4228 (4.1K) [application/samlmetadata+xml]
Saving to: "Metadata"

Progress bar
100%[========================================================================>] 4,228 --.-K/s in 0s

6. Edit the auto-generated metadata

... substituting appropriate filenames, hostname, URLs, etc.

<Host name="sp.example.org">

...changed to...

<Host name="bsp-test.projectbamboo.org">
<ApplicationDefaults entityID=https://sp.example.org/shibboleth>

...changed to... 

<ApplicationDefaults entityID=https://bsp-test.projectbamboo.org/shibboleth-sp>
<entityID="https://idp.example.org/shibboleth">

...changed to...

<entityID="https://logintest.wisc.edu/idp/shibboleth">
<MetadataProvider type="XML" uri=http://federation.org/federation-metadata.xml>

...changed to... 

<MetadataProvider type="XML" uri= http://bsp-int.projectbamboo.org/metadata/ProjectBambooSaml2Metadata.xml >
<MetadataFilter type="RequireValidUntil" maxValidityInterval="2419200"/>
<MetadataFilter type="Signature" certificate="fedsigner.pem"/>

...changed to...

<!-- <MetadataFilter type="RequireValidUntil" maxValidityInterval="2419200"/> -->
<!-- <MetadataFilter type="Signature" certificate="fedsigner.pem"/> -->

 

7. Send the edited metadata file to the appropriate person or list through which the master Bamboo Trust Federation metadata file is maintained.

As Project Bamboo no longer maintains a Trust Federation, specific addresses can't be provided here. However, a copy of the master metadata file in use during the active period of the Bamboo Technology Project – ProjectBambooSaml2Metadata.xml – is versioned in the project's code repository, at the following URL:

  http://svn.code.sf.net/p/projectbamboo/code/platform-config/trunk/saml-metadata/ProjectBambooSaml2Metadata.xml

This may or may not prove a helpful reference.

Configuration of Shibboleth SP

For next steps, see https://wiki.shibboleth.net/confluence/display/SHIB2/NativeSPGettingStarted

The Shibboleth configuration files are all found in /etc/shibboleth:

# ls -la /etc/shibboleth
total 304
drwxr-xr-x 2 root root 4096 Jun 1 09:10 .
drwxr-xr-x 75 root root 4096 Jun 1 09:10 ..
-rw-r--r-- 1 root root 827 Aug 6 2011 accessError.html
-rw-r--r-- 1 root root 827 Aug 6 2011 accessError.html.dist
-rw-r--r-- 1 root root 1122 Aug 6 2011 apache22.config
-rw-r--r-- 1 root root 1122 Aug 6 2011 apache2.config
-rw-r--r-- 1 root root 1446 Aug 6 2011 apache.config
-rw-r--r-- 1 root root 8049 Aug 6 2011 attribute-map.xml
-rw-r--r-- 1 root root 8049 Aug 6 2011 attribute-map.xml.dist
-rw-r--r-- 1 root root 3055 Aug 6 2011 attribute-policy.xml
-rw-r--r-- 1 root root 3055 Aug 6 2011 attribute-policy.xml.dist
-rw-r--r-- 1 root root 1895 Aug 6 2011 bindingTemplate.html
-rw-r--r-- 1 root root 1895 Aug 6 2011 bindingTemplate.html.dist
-rw-r--r-- 1 root root 1171 Aug 6 2011 console.logger
-rw-r--r-- 1 root root 1171 Aug 6 2011 console.logger.dist
-rw-r--r-- 1 root root 1514 Aug 6 2011 discoveryTemplate.html
-rw-r--r-- 1 root root 1514 Aug 6 2011 discoveryTemplate.html.dist
-rw-r--r-- 1 root root 10140 Aug 6 2011 example-metadata.xml
-rw-r--r-- 1 root root 10140 Aug 6 2011 example-metadata.xml.dist
-rw-r--r-- 1 root root 14092 Aug 6 2011 example-shibboleth2.xml
-rw-r--r-- 1 root root 14092 Aug 6 2011 example-shibboleth2.xml.dist
-rw-r--r-- 1 root root 832 Aug 6 2011 globalLogout.html
-rw-r--r-- 1 root root 832 Aug 6 2011 globalLogout.html.dist
-rwxr-xr-x 1 root root 2040 Aug 6 2011 keygen.sh
-rw-r--r-- 1 root root 627 Aug 6 2011 localLogout.html
-rw-r--r-- 1 root root 627 Aug 6 2011 localLogout.html.dist
-rw-r--r-- 1 root root 1102 Aug 6 2011 metadataError.html
-rw-r--r-- 1 root root 1102 Aug 6 2011 metadataError.html.dist
-rwxr-xr-x 1 root root 7752 Aug 6 2011 metagen.sh
-rw-r--r-- 1 root root 1710 Aug 6 2011 native.logger
-rw-r--r-- 1 root root 1710 Aug 6 2011 native.logger.dist
-rw-r--r-- 1 root root 643 Aug 6 2011 partialLogout.html
-rw-r--r-- 1 root root 643 Aug 6 2011 partialLogout.html.dist
-rw-r--r-- 1 root root 1309 Aug 6 2011 postTemplate.html
-rw-r--r-- 1 root root 1309 Aug 6 2011 postTemplate.html.dist
-rw-r--r-- 1 root root 2318 Aug 6 2011 protocols.xml
-rw-r--r-- 1 root root 2318 Aug 6 2011 protocols.xml.dist
-rw-r--r-- 1 root root 1347 Aug 6 2011 security-policy.xml
-rw-r--r-- 1 root root 1347 Aug 6 2011 security-policy.xml.dist
-rw-r--r-- 1 root root 1218 Aug 6 2011 sessionError.html
-rw-r--r-- 1 root root 1218 Aug 6 2011 sessionError.html.dist
-rw-r--r-- 1 root root 5865 Aug 6 2011 shibboleth2.xml
-rw-r--r-- 1 root root 5865 Aug 6 2011 shibboleth2.xml.dist
-rw-r--r-- 1 root root 2371 Aug 6 2011 shibd-debian
-rw-r--r-- 1 root root 2682 Aug 6 2011 shibd.logger
-rw-r--r-- 1 root root 2682 Aug 6 2011 shibd.logger.dist
-rw-r--r-- 1 root root 673 Aug 6 2011 shibd-osx.plist
-rw-r--r-- 1 root root 1626 Aug 6 2011 shibd-redhat
-rw-r--r-- 1 root root 3349 Aug 6 2011 shibd-suse
-rw-r--r-- 1 root root 1131 Jun 1 09:10 sp-cert.pem
-rw------- 1 root root 1704 Jun 1 09:10 sp-key.pem
-rw-r--r-- 1 root root 860 Aug 6 2011 sslError.html
-rw-r--r-- 1 root root 860 Aug 6 2011 sslError.html.dist
-rw-r--r-- 1 root root 1252 Aug 6 2011 syslog.logger
-rw-r--r-- 1 root root 1252 Aug 6 2011 syslog.logger.dist
-rw-r--r-- 1 root root 23671 Aug 6 2011 upgrade.xsl

1. Generate a self-signed x509certificate that the Shibboleth SP will use to sign protocol messages

A similar invocation of openssl (for generating a cert to be used in establishing trust between the client application and the Bamboo Services Platform) is described in the Certificate Exchange section of Configure Apache Web Server for Client Auth.
[root@bsp-test userx]# openssl req -x509 -nodes -days 3660 -newkey rsa:2048 -keyout userx.key -out userx.pem

Generating a 2048 bit RSA private key
.........................................................+++
......................................................................................................................................+++
writing new private key to 'khazelton1.key'
-----
You are about to be asked to enter information that will be incorporated
into your certificate request.
What you are about to enter is what is called a Distinguished Name or a DN.
There are quite a few fields but you can leave some blank
For some fields there will be a default value,
If you enter '.', the field will be left blank.
-----
Country Name (2 letter code) [AU]:US
State or Province Name (full name) [Some-State]:Wisconsin
Locality Name (eg, city) []:Madison
Organization Name (eg, company) [Internet Widgits Pty Ltd]:Organization Y
Organizational Unit Name (eg, section) []:Security
Common Name (eg, YOUR name) []:User X
Email Address []:userx@gmail.com

2. Check the certificate contents

[root@bsp-test userx]# openssl x509 -text -in /etc/shibboleth/sp-cert.pem
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
8d:15:6f:fa:83:f5:2c:83
Signature Algorithm: sha1WithRSAEncryption
Issuer: CN=bsp-test.projectbamboo.org
Validity
Not Before: Jun 1 13:10:37 2012 GMT
Not After : May 30 13:10:37 2022 GMT
Subject: CN=bsp-test.projectbamboo.org
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
Public-Key: (2048 bit)
Modulus:
00:c8:64:78:cc:f9:f1:6e:bc:51:56:f9:c2:bd:95:
fc:90:8c:f8:df:9e:f2:f2:c1:7e:2f:59:ef:23:7c:
ce:86:5e:83:d8:4d:8e:af:bd:3f:13:ab:fc:a3:14:
0d:69:b2:98:66:1d:f8:09:e6:c6:f8:25:a5:e0:1c:
17:21:c2:5f:ce:97:c9:e9:20:22:9d:bd:4d:87:0c:
3c:a4:16:71:c9:cf:43:fd:b4:1d:ed:ad:94:1d:d7:
b4:68:ac:df:d1:0d:24:d0:bd:34:a8:c1:c1:be:71:
3a:3f:e2:01:8a:a5:ed:4d:b8:32:c7:d5:7b:2a:1c:
b7:4d:a2:26:50:6e:b5:8b:4b:c8:47:1a:b1:99:fa:
bf:70:82:83:03:3d:a6:71:43:f5:c0:63:9e:25:44:
0e:f2:cf:0a:87:df:f4:65:7e:26:8e:0e:29:33:56:
0f:86:36:10:b0:f2:7f:ea:3e:bb:09:c3:20:a2:56:
c7:12:d5:4e:b4:73:32:b5:a3:39:91:5a:68:5c:33:
2a:da:4b:d3:96:2a:29:6c:d2:31:99:32:43:b8:17:
06:21:ab:f6:e2:da:2a:d9:23:f6:65:11:73:55:b1:
2e:1a:3d:8c:33:2f:10:15:dd:0b:5e:22:1c:97:a7:
7c:f6:4e:1d:df:2e:2b:95:04:37:63:08:5b:24:e2:
c0:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Alternative Name: 
DNS:bsp-test.projectbamboo.org
X509v3 Subject Key Identifier: 
11:7F:A2:BD:D7:00:1B:DA:19:18:A6:7F:E3:92:27:63:E7:81:88:C7
Signature Algorithm: sha1WithRSAEncryption
0b:13:d9:31:3c:b7:86:87:48:6a:21:70:88:a5:74:7b:41:e7:19:e8:95:07:47:0d:ab:25:c6:ce:79:cb:45:4b:a6:46:c2:62:be:be:1b:bb:f1:45:5a:b7:b2:07:b4:3e:6c:9d:28:c8:35:7f:71:af:2a:4f:4d:dd:ef:b4:07:b2:e3:4c:b9:a2:47:e4:86:15:34:20:39:8b:0a:f7:1f:a4:e3:fa:4f:da:1a:7f:71:75:62:17:92:ae:7d:dc:3f:bf:cb:27:e3:89:bf:a3:e8:9e:ce:35:4c:6c:9e:30:5b:ec:31:68:c3:57:48:81:9a:bf:53:f0:5d:d6:59:72:b8:8a:80:2a:79:be:66:2e:03:c9:c3:ca:b1:8e:7a:72:1d:7c:89:e6:91:34:f6:91:48:6f:62:2b:24:f7:1b:b3:8c:3b:fc:32:c8:3c:66:78:b3:3e:28:11:f6:f1:ff:98:9a:cf:da:1e:8c:5a:77:59:00:fe:36:f4:4f:86:d1:df:9c:96:5a:50:04:59:70:f9:f9:62:9a:23:e8:2c:77:ba:96:7c:df:39:94:84:df:ab:b2:a8:fb:47:51:67:05:1a:da:93:63:04:6d:67:b5:e1:41:0b:18:2f:44:9f:2a:80:e1:9b:5a:16:84:d8:b1:17:52:b5:49:cd:1f:38:35:35:90:fb
-----BEGIN CERTIFICATE-----
MIIDFTCCAf2gAwIBAgIJAI0Vb/qD9SyDMA0GCSqGSIb3DQEBBQUAMCUxIzAhBgNVBAMTGmJzcC10ZXN0LnByb2plY3RiYW1ib28ub3JnMB4XDTEyMDYwMTEzMTAzN1oXDTIyMDUzMDEzMTAzN1owJTEjMCEGA1UEAxMaYnNwLXRlc3QucHJvamVjdGJhbWJv b5vcmcwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDIZHjM+fFuvFFW
+cK9lfyQjPjfnvLywX4vWe8jfM6GXoPYTY6vvT8Tq/yjFA1psphmHfgJ5sb4JaXg
HBchwl/Ol8npICKdvU2HDDykFnHJz0P9tB3trZQd17RorN/RDSTQvTSowcG+cTo/
4gGKpe1NuDLH1XsqHLdNoiZQbrWLS8hHGrGZ+r9wgoMDPaZxQ/XAY54lRA7yzwqH
3/RlfiaODikzVg+GNhCw8n/qPrsJwyCiVscS1U60czK1ozmRWmhcMyraS9OWKils
0jGZMkO4FwYhq/bi2irZI/ZlEXNVsS4aPYwzLxAV3QteIhyXp3z2Th3fLiuVBDdj
CFsk4sCxAgMBAAGjSDBGMCUGA1UdEQQeMByCGmJzcC10ZXN0LnByb2plY3RiYW1i
b28ub3JnMB0GA1UdDgQWBBQRf6K91wAb2hkYpn/jkidj54GIxzANBgkqhkiG9w0B
AQUFAAOCAQEACxPZMTy3hodIaiFwiKV0e0HnGeiVB0cNqyXGznnLRUumRsJivr4b
u/FFWreyB7Q+bJ0oyDV/ca8qT03d77QHsuNMuaJH5IYVNCA5iwr3H6Tj+k/aGn9x
dWIXkq593D+/yyfjib+j6J7ONUxsnjBb7DFow1dIgZq/U/Bd1llyuIqAKnm+Zi4D
ycPKsY56ch18ieaRNPaRSG9iKyT3G7OMO/wyyDxmeLM+KBH28f+Yms/aHoxad1kA
/jb0T4bR35yWWlAEWXD5+WKaI+gsd7qWfN85lITfq7Ko+0dRZwUa2pNjBG1nteFB
CxgvRJ8qgOGbWhaE2LEXUrVJzR84NTWQ+w==
-----END CERTIFICATE-----

 

3. The primary configuration of shibboleth is in shibboleth2.xml

Start with example.shibboleth2.xml and make following edits (substituting appropriate filenames, hostname, URLs, etc.):

<Host name="sp.example.org">

…changed to…

<Host name="bsp-test.projectbamboo.org">
<ApplicationDefaults entityID=https://sp.example.org/shibboleth>

…changed to…

<ApplicationDefaults entityID="https://bsp-test.projectbamboo.org/shibboleth-sp">
<entityID="https://idp.example.org/shibboleth">

…changed to…

<entityID="https://idp.foo.edu/idp/shibboleth">
<Errors supportContact="root@localhost">

…changed to…

<Errors supportContact="userx@gmail.com">
<MetadataProvider type="XML" uri=http://federation.org/federation-metadata.xml>

…changed to…

<MetadataProvider type="XML" uri="http://metazome.info/metadata/ProjectBambooSaml2Metadata.xml">
<MetadataFilter type="RequireValidUntil" maxValidityInterval="2419200"/>
<MetadataFilter type="Signature" certificate="fedsigner.pem"/>

…changed to…

<!-- <MetadataFilter type="RequireValidUntil" maxValidityInterval="2419200"/> -->
<!-- <MetadataFilter type="Signature" certificate="fedsigner.pem"/> -->

Initial testing of Shibboleth SP

1. Add support for PHP so test routines can be run

yum install php

 

2. Edit /etc/httpd/conf/httpd.conf to add support for PHP

Add lines in three places:

(a) In the LoadModules section:

LoadModule php5_module modules/libphp5.so
AddHandler php5-script .php

(b) In the DirectoryIndex section:

DirectoryIndex index.html index.php index.html.var

(c) In the AddType section:

AddType text/html .php

# PHP Syntax Coloring
# (optional but useful for reading PHP source for debugging):

 

3. Add an index.php to a directory under Apache Web Server's DocumentRoot

Assumption: the directory secure is created under Apache Web Server's DocumentRoot, and is reachable over https. A file index.php is to be written to that directory.

The contents of index.php should be something like the following (with URL changes as appropriate):

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
  "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"> 
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" dir="ltr"> 
<head> 
  <meta http-equiv="Content-Type" content="text/html; charset=utf-8" /> 
  <title>bsp-test.projectbamboo.org</title>
  // Install-time version
</head>
<body>
  <p>Host bsp-test.projectbamboo.org on   
    <?php echo date("Y/m/d") . "<br />"; ?>
  </p>
 <?php
    phpinfo();
  ?>
</body>
</html>

Note the invocation of phpinfo().

4. Browse to the location of index.php

E.g.,

https://bsp-test.projectbamboo.org/secure 

The browser is redirected to testshib IdP and after the user autheticates, phpinfo displays Apache environment variables showing successful population of shib-* attributes:

Apache Environmentariable Value
Shib-Application-ID default
Shib-Session-ID _6204693b1baadd4d44c923bc0328ce51
Shib-Identity-Provider https://logintest.wisc.edu/idp/shibboleth
Shib-Authentication-Instant 2012-06-01T17:26:19.966Z
Shib-Authentication-Method urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport
Shib-AuthnContext-Class urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport
Shib-Session-Index c1de003c14a3d2082aea4964abf434d751326b31b420bfe12a8bf87421abcbe8
persistent-id https://logintest.wisc.edu/idp/shibboleth!https://bsp-test.projectbamboo.org/shibboleth-sp!MOowG6LgaWBB8ezMJzgOVBxGykk=;https://logintest.wisc.edu/idp/shibboleth!https://bsp-test.projectbamboo.org/shibboleth-sp!MOowG6LgaWBB8ezMJzgOVBxGykk=
HTTPS on
SSL_TLS_SNI bsp-test.projectbamboo.org
SSL_SERVER_S_DN_O *.projectbamboo.org
SSL_SERVER_S_DN_OU Domain Control Validated
SSL_SERVER_S_DN_CN *.projectbamboo.org
SSL_SERVER_I_DN_C US
SSL_SERVER_I_DN_ST Arizona
SSL_SERVER_I_DN_L Scottsdale
SSL_SERVER_I_DN_O GoDaddy.com, Inc.
SSL_SERVER_I_DN_OU http://certificates.godaddy.com/repository
SSL_SERVER_I_DN_CN Go Daddy Secure Certification Authority
SSL_VERSION_INTERFACE mod_ssl/2.2.22
SSL_VERSION_LIBRARY OpenSSL/1.0.0g-fips
SSL_PROTOCOL TLSv1
SSL_SECURE_RENEG true
SSL_COMPRESS_METHOD DEFLATE
SSL_CIPHER DHE-RSA-CAMELLIA256-SHA
SSL_CIPHER_EXPORT false
SSL_CIPHER_USEKEYSIZE 256
SSL_CIPHER_ALGKEYSIZE 256
SSL_CLIENT_VERIFY NONE
SSL_SERVER_M_VERSION 3
SSL_SERVER_M_SERIAL 0437AC49ECE525
SSL_SERVER_V_START Mar 7 00:34:44 2012 GMT
SSL_SERVER_V_END Apr 19 01:06:11 2013 GMT
SSL_SERVER_S_DN /O=*.projectbamboo.org/OU=Domain Control Validated/CN=*.projectbamboo.org
SSL_SERVER_I_DN /C=US/ST=Arizona/L=Scottsdale/O=GoDaddy.com, Inc./OU=http://certificates.godaddy.com/repository/CN=Go Daddy Secure Certification Authority/serialNumber=07969287
SSL_SERVER_A_KEY rsaEncryption
SSL_SERVER_A_SIG sha1WithRSAEncryption
SSL_SESSION_ID 3CB6C7DCE97863877E9FBEE237746AE8F9FF1ABB4F466679A4D7F2548C524320
HTTP_HOST bsp-test.projectbamboo.org
HTTP_CONNECTION keep-alive
HTTP_CACHE_CONTROL max-age=0
HTTP_USER_AGENT Mozilla/5.0 (Macintosh; Intel Mac OS X 10_7_4) AppleWebKit/536.11 (KHTML, like Gecko) Chrome/20.0.1132.21 Safari/536.11
HTTP_ACCEPT text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
HTTP_REFERER https://logintest.wisc.edu/idp/profile/SAML2/Redirect/SSO
HTTP_ACCEPT_ENCODING gzip,deflate,sdch
HTTP_ACCEPT_LANGUAGE en-US,en;q=0.8
HTTP_ACCEPT_CHARSET UTF-8,*;q=0.5
HTTP_COOKIE _shibsession_64656661756c7468747470733a2f2f6273702d746573742e70726f6a65637462616d626f6f2e6f72672f73686962626f6c6574682d7370=_6204693b1baadd4d44c923bc0328ce51
PATH /usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
SERVER_SIGNATURE <address>Apache/2.2.22 (Fedora) Server at bsp-test.projectbamboo.org Port 443</address>
SERVER_SOFTWARE Apache/2.2.22 (Fedora)
SERVER_NAME bsp-test.projectbamboo.org
SERVER_ADDR 74.207.248.136
SERVER_PORT 443
REMOTE_ADDR 128.104.17.180
DOCUMENT_ROOT /var/www/html
SERVER_ADMIN root@localhost
SCRIPT_FILENAME /var/www/html/secure/index.php
REMOTE_PORT 50658
REMOTE_USER https://logintest.wisc.edu/idp/shibboleth!https://bsp-test.projectbamboo.org/shibboleth-sp!MOowG6LgaWBB8ezMJzgOVBxGykk=
AUTH_TYPE shibboleth
GATEWAY_INTERFACE CGI/1.1
SERVER_PROTOCOL HTTP/1.1
REQUEST_METHOD GET
QUERY_STRING no value
REQUEST_URI /secure/
SCRIPT_NAME /secure/index.php

 

 

 

 

 

  • No labels