[Koha] Koha and Shibboleth

Michael Kuhn mik at adminkuhn.ch
Fri May 7 06:31:24 NZST 2021 

Hi Alvaro

 > I´ve never worked with shibboleth but error 404 meand apache can not
 > find the specified page and/or has not permissions. Have you check it
 > out?
 >
 > As per what I understand, shibooleth needs to access file in:
 >
 > https://kohaserver.yourdomain.example.com/Shibboleth.sso/Metadata
 >
 > But in your apache config you are defining
 >
 > <Location />
 >
 > That means your domain root directory.

That is how it's shown in the example...

 > Have you tried to point it to the shibboleth folder?

What would be my shibboleth folder?

 > Can you get the metadata file directly from your browser?

How would that work?

However, I have deleted my previous configuration and started all over, 
documenting and testing every step according to 
https://wiki.koha-community.org/wiki/Shibboleth_Configuration

Everything works fine until section "Adding Directories and Permissions" 
and it's always possible to download an XML file when accessing 
https://kohaserver.yourdomain.example.com/Shibboleth.sso/Metadata

So the file "Shibboleth.so/Metadata" seems to be created dynamically, 
since there is no directory or file of that name on the Koha host.

But as soon as I follow section "Enabling Shibboleth for your 
Virtualhost" and add the directive <Location /> the trouble starts and 
it is no more possible to access 
https://kohaserver.yourdomain.example.com/Shibboleth.sso/Metadata - 
instead I get the message Sorry, the requested page is not available, 
Error 404".

So yes, "<Location />" is probably wrong but what would be the correct 
path then? I tried <Location /Shibboleth.sso> and <Location 
/shibboleth/metadata> but these seem to be wrong as well...

Best wishes: Michael
-- 
Geschäftsführer · Diplombibliothekar BBS, Informatiker eidg. Fachausweis
Admin Kuhn GmbH · Pappelstrasse 20 · 4123 Allschwil · Schweiz
T 0041 (0)61 261 55 61 · E mik at adminkuhn.ch · W www.adminkuhn.ch



> Le jeu. 6 mai 2021 à 05:42, Michael Kuhn <mik at adminkuhn.ch 
> <mailto:mik at adminkuhn.ch>> a écrit :
> 
>     Hi
> 
>     In order to use Shibboleth with Koha 20.11 on Debian GNU/Linux 10 I
>     searched for information about the necessary configuration. The Koha
>     manual doesn't say anything about Shibboleth, but I found
>     https://wiki.koha-community.org/wiki/Shibboleth_Configuration
>     <https://wiki.koha-community.org/wiki/Shibboleth_Configuration> which
>     seems to be the only source of information on this.
> 
>     I followed the information until section "Enabling Shibboleth for your
>     Virtualhost" where it says "Important: Before moving on from this
>     section, you should be able to visit this address and see an xml file
>     download, with no errors shown in your browser:
>     https://kohaserver.yourdomain.example.com/Shibboleth.sso/Metadata
>     <https://kohaserver.yourdomain.example.com/Shibboleth.sso/Metadata>"
> 
>     Command "shibd -t" says: overall configuration is loadable, check
>     console or log for non-fatal problems
> 
>     According to
>     https://github.com/Koha-Community/Koha/blob/master/C4/Auth_with_shibboleth.pm
>     <https://github.com/Koha-Community/Koha/blob/master/C4/Auth_with_shibboleth.pm>
> 
>     I inserted the following into the Apache configuration file
>     <instance>.conf to tell Apache to allow Koha (with Plack running) to
>     authenticate via Shibboleth:
> 
>         <Location />
>           AuthType shibboleth
>           Require shibboleth
>           ShibUseEnvironment Off
>           ShibUseHeaders On
>         </Location>
> 
>     Replacing "kohaserver.yourdomain.example.com
>     <http://kohaserver.yourdomain.example.com>" with the actual domain I
>     tried all sorts of configuration but all I ever get is just the
>     following message instead of the expected XML:
> 
>        Sorry, the requested page is not available
>        Error 404
> 
>     What may be the cause for this? Is maybe the directory/file
>     "Shibboleth.sso/Metadata" not existing, but how to create it?
> 
>     Best wishes: Michael
>     --
>     Geschäftsführer · Diplombibliothekar BBS, Informatiker eidg. Fachausweis
>     Admin Kuhn GmbH · Pappelstrasse 20 · 4123 Allschwil · Schweiz
>     T 0041 (0)61 261 55 61 · E mik at adminkuhn.ch
>     <mailto:mik at adminkuhn.ch> · W www.adminkuhn.ch <http://www.adminkuhn.ch>
>     _______________________________________________
> 
>     Koha mailing list http://koha-community.org <http://koha-community.org>
>     Koha at lists.katipo.co.nz <mailto:Koha at lists.katipo.co.nz>
>     Unsubscribe: https://lists.katipo.co.nz/mailman/listinfo/koha
>     <https://lists.katipo.co.nz/mailman/listinfo/koha>
>

More information about the Koha mailing list