src/main/webapp/WEB-INF/web.xml

   1 <?xml version="1.0" encoding="UTF-8"?>
   2
   3 <web-app xmlns="http://java.sun.com/xml/ns/j2ee" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
   4     xsi:schemaLocation="http://java.sun.com/xml/ns/j2ee http://java.sun.com/xml/ns/j2ee/web-app_2_4.xsd"
   5     version="2.4">
   6
   7     <display-name>Shibboleth Identity Provider</display-name>
   8
   9     <!--
  10         Spring 2.0 application context files.  Files are loaded in the order they appear with subsequent files
  11         overwriting same named beans in previous files.
  12     -->
  13     <context-param>
  14         <param-name>contextConfigLocation</param-name>
  15         <param-value>$IDP_HOME$/conf/internal.xml; $IDP_HOME$/conf/service.xml;</param-value>
  16     </context-param>
  17
  18     <!-- Spring 2.0 listener used to load up the configuration -->
  19     <listener>
  20         <listener-class>org.springframework.web.context.ContextLoaderListener</listener-class>
  21     </listener>
  22
  23     <listener>
  24         <listener-class>edu.internet2.middleware.shibboleth.idp.session.ContainerSessionListener</listener-class>
  25     </listener>
  26
  27     <!--  Add IdP Session object to incoming profile requests -->
  28     <filter>
  29         <filter-name>IdPSessionFilter</filter-name>
  30         <filter-class>edu.internet2.middleware.shibboleth.idp.session.IdPSessionFilter</filter-class>
  31     </filter>
  32
  33     <filter-mapping>
  34         <filter-name>IdPSessionFilter</filter-name>
  35         <url-pattern>/*</url-pattern>
  36     </filter-mapping>
  37
  38     <!-- Profile Request Dispatcher -->
  39     <servlet>
  40         <servlet-name>ProfileRequestDispatcher</servlet-name>
  41         <servlet-class>edu.internet2.middleware.shibboleth.common.profile.ProfileRequestDispatcherServlet</servlet-class>
  42     </servlet>
  43
  44     <servlet-mapping>
  45         <servlet-name>ProfileRequestDispatcher</servlet-name>
  46         <url-pattern>/profile/*</url-pattern>
  47     </servlet-mapping>
  48
  49     <!-- Authentication Engine Entry Point -->
  50     <servlet>
  51         <servlet-name>AuthenticationEngine</servlet-name>
  52         <servlet-class>edu.internet2.middleware.shibboleth.idp.authn.AuthenticationEngine</servlet-class>
  53     </servlet>
  54
  55     <servlet-mapping>
  56         <servlet-name>AuthenticationEngine</servlet-name>
  57         <url-pattern>/AuthnEngine</url-pattern>
  58     </servlet-mapping>
  59
  60     <!-- Servlet protected by container user for RemoteUser authentication -->
  61     <servlet>
  62         <servlet-name>RemoteUserAuthHandler</servlet-name>
  63         <servlet-class>edu.internet2.middleware.shibboleth.idp.authn.provider.RemoteUserAuthServlet</servlet-class>
  64     </servlet>
  65
  66     <servlet-mapping>
  67         <servlet-name>RemoteUserAuthHandler</servlet-name>
  68         <url-pattern>/Authn/RemoteUser</url-pattern>
  69     </servlet-mapping>
  70
  71     <!-- Servlet for doing Username/Password authentication -->
  72     <servlet>
  73         <servlet-name>UsernamePasswordAuthHandler</servlet-name>
  74         <servlet-class>edu.internet2.middleware.shibboleth.idp.authn.provider.UsernamePasswordLoginServlet</servlet-class>
  75     </servlet>
  76
  77     <servlet-mapping>
  78         <servlet-name>UsernamePasswordAuthHandler</servlet-name>
  79         <url-pattern>/Authn/UserPassword</url-pattern>
  80     </servlet-mapping>
  81
  82     <error-page>
  83         <error-code>500</error-code>
  84         <location>/error.jsp</location>
  85     </error-page>
  86
  87     <error-page>
  88         <error-code>404</error-code>
  89         <location>/error-404.jsp</location>
  90     </error-page>
  91
  92 <!-- Uncomment to use container managed authentication -->
  93 <!--
  94     <security-constraint>
  95         <display-name>Shibboleth IdP</display-name>
  96         <web-resource-collection>
  97             <web-resource-name>user authentication</web-resource-name>
  98             <url-pattern>/Authn/RemoteUser</url-pattern>
  99             <http-method>GET</http-method>
 100             <http-method>POST</http-method>
 101         </web-resource-collection>
 102         <auth-constraint>
 103             <role-name>users</role-name>
 104         </auth-constraint>
 105         <user-data-constraint>
 106             <transport-guarantee>CONFIDENTIAL</transport-guarantee>
 107         </user-data-constraint>
 108     </security-constraint>
 109
 110     <security-role>
 111       <role-name>user</role-name>
 112     </security-role>
 113 -->
 114
 115 <!-- Uncomment if you want BASIC auth managed by the container -->
 116 <!--
 117     <login-config>
 118       <auth-method>BASIC</auth-method>
 119       <realm-name>IdP Password Authentication</realm-name>
 120     </login-config>
 121 -->
 122
 123 <!-- Uncomment if you want form-based auth managed by the container -->
 124 <!--
 125     <login-config>
 126         <auth-method>FORM</auth-method>
 127         <realm-name>IdP Password Authentication</realm-name>
 128         <form-login-config>
 129             <form-login-page>/login.jsp</form-login-page>
 130             <form-error-page>/login-error.jsp</form-error-page>
 131         </form-login-config>
 132     </login-config>
 133 -->
 134
 135 </web-app>