Page tree

The Shibboleth 2.x software has reached its End of Life and is no longer supported. This documentation is available for historical purposes only. See the IDP30 and SP3 wiki spaces for current documentation on the supported versions.

Skip to end of metadata
Go to start of metadata

Prerequisites

This extension is in its alpha stage. As such your experience may not be completely free from consternation. You are expected to have a working knowledge of Shibboleth and Tomcat (or JBoss, whatever you use), and also:

  • An installed Shibboleth 2.x IdP
  • A SQL database of some sort (one that JDBC wrks with). This data base will be use to support the authentication method that allows a user to use a personal card to authenticate a managed card. Define a "personalcards" table with three text columns: id, ppid, pubkey.
  • A program to generate card images. These are 250x167 png images. You can stream a static png file or generate a custom image using, for example (netpbm required):
    #!/bin/bash
    # $1 = card_id : username
    cardid="$1"
    id="${cardid##*:}"
    src=<some_dir>/card_background.ppm
    mask=<some_dir>/$1.mask
    pbmtext -font $font $id > $mask
    pnmdepth 255 $mask | \
       ppmchange black linen | \
       pnmcomp -xoff=-20 -yoff=116 -alpha $mask -invert - $src | \
       pnmtopng
    
    If you can be content with the default card image, probably dependent on the Identity Selector, you can skip this step.
  • A JAAS configuration that will authenticate a userid and password. This is required regardless of whether or not you use tomcat for SSO authentication. Authentication of Infocards is backdoor and no browser is directly involved.
  • No labels