src/main/webapp/WEB-INF/web.xml

   1 <?xml version="1.0" encoding="UTF-8"?>
   2
   3 <web-app xmlns="http://java.sun.com/xml/ns/j2ee" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
   4     xsi:schemaLocation="http://java.sun.com/xml/ns/j2ee http://java.sun.com/xml/ns/j2ee/web-app_2_4.xsd"
   5     version="2.4">
   6
   7     <display-name>Shibboleth Identity Provider</display-name>
   8
   9     <!--
  10         Spring 2.0 application context files.  Files are loaded in the order they appear with subsequent files
  11         overwriting same named beans in previous files.
  12     -->
  13     <context-param>
  14         <param-name>contextConfigLocation</param-name>
  15         <param-value>$IDP_HOME$/conf/internal.xml; $IDP_HOME$/conf/service.xml;</param-value>
  16     </context-param>
  17
  18     <!-- Spring 2.0 listener used to load up the configuration -->
  19     <listener>
  20         <listener-class>org.springframework.web.context.ContextLoaderListener</listener-class>
  21     </listener>
  22
  23     <!--  Add IdP Session object to incoming profile requests -->
  24     <filter>
  25         <filter-name>IdPSessionFilter</filter-name>
  26         <filter-class>edu.internet2.middleware.shibboleth.idp.session.IdPSessionFilter</filter-class>
  27     </filter>
  28
  29     <filter-mapping>
  30         <filter-name>IdPSessionFilter</filter-name>
  31         <url-pattern>/profile/*</url-pattern>
  32     </filter-mapping>
  33
  34     <!-- Profile Request Dispatcher -->
  35     <servlet>
  36         <servlet-name>ProfileRequestDispatcher</servlet-name>
  37         <servlet-class>edu.internet2.middleware.shibboleth.common.profile.ProfileRequestDispatcherServlet</servlet-class>
  38     </servlet>
  39
  40     <servlet-mapping>
  41         <servlet-name>ProfileRequestDispatcher</servlet-name>
  42         <url-pattern>/profile/*</url-pattern>
  43     </servlet-mapping>
  44
  45     <!-- Authentication Engine Entry Point -->
  46     <servlet>
  47         <servlet-name>AuthenticationEngine</servlet-name>
  48         <servlet-class>edu.internet2.middleware.shibboleth.idp.authn.AuthenticationEngine</servlet-class>
  49     </servlet>
  50
  51     <servlet-mapping>
  52         <servlet-name>AuthenticationEngine</servlet-name>
  53         <url-pattern>/AuthnEngine</url-pattern>
  54     </servlet-mapping>
  55
  56     <!-- Servlet protected by container user for RemoteUser authentication -->
  57     <servlet>
  58         <servlet-name>RemoteUserAuthHandler</servlet-name>
  59         <servlet-class>edu.internet2.middleware.shibboleth.idp.authn.provider.RemoteUserAuthServlet</servlet-class>
  60     </servlet>
  61
  62     <servlet-mapping>
  63         <servlet-name>RemoteUserAuthHandler</servlet-name>
  64         <url-pattern>/Authn/RemoteUser</url-pattern>
  65     </servlet-mapping>
  66
  67     <!-- Servlet for doing Username/Password authentication -->
  68     <servlet>
  69         <servlet-name>UsernamePasswordAuthHandler</servlet-name>
  70         <servlet-class>edu.internet2.middleware.shibboleth.idp.authn.provider.UsernamePasswordLoginServlet</servlet-class>
  71     </servlet>
  72
  73     <servlet-mapping>
  74         <servlet-name>UsernamePasswordAuthHandler</servlet-name>
  75         <url-pattern>/Authn/UserPassword</url-pattern>
  76     </servlet-mapping>
  77
  78     <error-page>
  79         <error-code>500</error-code>
  80         <location>/error.jsp</location>
  81     </error-page>
  82
  83     <error-page>
  84         <error-code>404</error-code>
  85         <location>/error-404.jsp</location>
  86     </error-page>
  87
  88 <!-- Uncomment to use container managed authentication -->
  89 <!--
  90     <security-constraint>
  91         <display-name>Shibboleth IdP</display-name>
  92         <web-resource-collection>
  93             <web-resource-name>user authentication</web-resource-name>
  94             <url-pattern>/Authn/RemoteUser</url-pattern>
  95             <http-method>GET</http-method>
  96             <http-method>POST</http-method>
  97         </web-resource-collection>
  98         <auth-constraint>
  99             <role-name>user</role-name>
 100         </auth-constraint>
 101         <user-data-constraint>
 102             <transport-guarantee>CONFIDENTIAL</transport-guarantee>
 103         </user-data-constraint>
 104     </security-constraint>
 105
 106     <security-role>
 107       <role-name>user</role-name>
 108     </security-role>
 109 -->
 110
 111 <!-- Uncomment if you want BASIC auth managed by the container -->
 112 <!--
 113     <login-config>
 114       <auth-method>BASIC</auth-method>
 115       <realm-name>IdP Password Authentication</realm-name>
 116     </login-config>
 117 -->
 118
 119 <!-- Uncomment if you want form-based auth managed by the container -->
 120 <!--
 121     <login-config>
 122         <auth-method>FORM</auth-method>
 123         <realm-name>IdP Password Authentication</realm-name>
 124         <form-login-config>
 125             <form-login-page>/login.jsp</form-login-page>
 126             <form-error-page>/login-error.jsp</form-error-page>
 127         </form-login-config>
 128     </login-config>
 129 -->
 130
 131 </web-app>