[Koha] Koha and Shibboleth
Michael Kuhn
mik at adminkuhn.ch
Fri May 7 07:56:41 NZST 2021
Hi Alvaro
Thanks for the hint, but <Location /var/lib/koha/<INSTANCE>/ > isn't
working either. Besides there is some caching going on (Memcache, Plack,
Mojolicious) that complicates things a lot.
I think there is some important information missing in
https://wiki.koha-community.org/wiki/Shibboleth_Configuration
Maybe it even has something to do with the new caching introduced in
recent Koha versions?
Is anyone successfully running Shibboleth with Koha 20.11 (running
Plack) - and if yes, what does your directive "Location" look like?
Best wishes: Michael
--
Geschäftsführer · Diplombibliothekar BBS, Informatiker eidg. Fachausweis
Admin Kuhn GmbH · Pappelstrasse 20 · 4123 Allschwil · Schweiz
T 0041 (0)61 261 55 61 · E mik at adminkuhn.ch · W www.adminkuhn.ch
Am 06.05.21 um 21:19 schrieb Alvaro Cornejo:
> Hi Michael
>
> My guess would be
>
> <Location /var/lib/koha/<INSTANCE>/ >
>
> since it is the root path of koha
>
> Regards
>
> Alvaro
>
> |----------------------------------------------------------------------------------------|
> Stay safe / Cuídate/ Reste sécurisé
> */7/*Switch off as you go / Apaga lo que no usas / Débranchez au fur et
> à mesure.
> *q *Recycle always / Recicla siempre / Recyclez toujours
> PPrint only if absolutely necessary / Imprime solo si es necesario /
> Imprimez seulement si nécessaire
>
>
> Le jeu. 6 mai 2021 à 13:31, Michael Kuhn <mik at adminkuhn.ch
> <mailto:mik at adminkuhn.ch>> a écrit :
>
> Hi Alvaro
>
> > I´ve never worked with shibboleth but error 404 meand apache can not
> > find the specified page and/or has not permissions. Have you
> check it
> > out?
> >
> > As per what I understand, shibooleth needs to access file in:
> >
> >
> https://kohaserver.yourdomain.example.com/Shibboleth.sso/Metadata
> <https://kohaserver.yourdomain.example.com/Shibboleth.sso/Metadata>
> >
> > But in your apache config you are defining
> >
> > <Location />
> >
> > That means your domain root directory.
>
> That is how it's shown in the example...
>
> > Have you tried to point it to the shibboleth folder?
>
> What would be my shibboleth folder?
>
> > Can you get the metadata file directly from your browser?
>
> How would that work?
>
> However, I have deleted my previous configuration and started all over,
> documenting and testing every step according to
> https://wiki.koha-community.org/wiki/Shibboleth_Configuration
> <https://wiki.koha-community.org/wiki/Shibboleth_Configuration>
>
> Everything works fine until section "Adding Directories and
> Permissions"
> and it's always possible to download an XML file when accessing
> https://kohaserver.yourdomain.example.com/Shibboleth.sso/Metadata
> <https://kohaserver.yourdomain.example.com/Shibboleth.sso/Metadata>
>
> So the file "Shibboleth.so/Metadata" seems to be created dynamically,
> since there is no directory or file of that name on the Koha host.
>
> But as soon as I follow section "Enabling Shibboleth for your
> Virtualhost" and add the directive <Location /> the trouble starts and
> it is no more possible to access
> https://kohaserver.yourdomain.example.com/Shibboleth.sso/Metadata
> <https://kohaserver.yourdomain.example.com/Shibboleth.sso/Metadata> -
> instead I get the message Sorry, the requested page is not available,
> Error 404".
>
> So yes, "<Location />" is probably wrong but what would be the correct
> path then? I tried <Location /Shibboleth.sso> and <Location
> /shibboleth/metadata> but these seem to be wrong as well...
>
> Best wishes: Michael
> --
> Geschäftsführer · Diplombibliothekar BBS, Informatiker eidg. Fachausweis
> Admin Kuhn GmbH · Pappelstrasse 20 · 4123 Allschwil · Schweiz
> T 0041 (0)61 261 55 61 · E mik at adminkuhn.ch
> <mailto:mik at adminkuhn.ch> · W www.adminkuhn.ch <http://www.adminkuhn.ch>
>
>
>
> > Le jeu. 6 mai 2021 à 05:42, Michael Kuhn <mik at adminkuhn.ch
> <mailto:mik at adminkuhn.ch>
> > <mailto:mik at adminkuhn.ch <mailto:mik at adminkuhn.ch>>> a écrit :
> >
> > Hi
> >
> > In order to use Shibboleth with Koha 20.11 on Debian
> GNU/Linux 10 I
> > searched for information about the necessary configuration.
> The Koha
> > manual doesn't say anything about Shibboleth, but I found
> > https://wiki.koha-community.org/wiki/Shibboleth_Configuration
> <https://wiki.koha-community.org/wiki/Shibboleth_Configuration>
> >
> <https://wiki.koha-community.org/wiki/Shibboleth_Configuration
> <https://wiki.koha-community.org/wiki/Shibboleth_Configuration>> which
> > seems to be the only source of information on this.
> >
> > I followed the information until section "Enabling Shibboleth
> for your
> > Virtualhost" where it says "Important: Before moving on from this
> > section, you should be able to visit this address and see an
> xml file
> > download, with no errors shown in your browser:
> > https://kohaserver.yourdomain.example.com/Shibboleth.sso/Metadata
> <https://kohaserver.yourdomain.example.com/Shibboleth.sso/Metadata>
> >
> <https://kohaserver.yourdomain.example.com/Shibboleth.sso/Metadata
> <https://kohaserver.yourdomain.example.com/Shibboleth.sso/Metadata>>"
> >
> > Command "shibd -t" says: overall configuration is loadable, check
> > console or log for non-fatal problems
> >
> > According to
> >
> https://github.com/Koha-Community/Koha/blob/master/C4/Auth_with_shibboleth.pm
> <https://github.com/Koha-Community/Koha/blob/master/C4/Auth_with_shibboleth.pm>
> >
> <https://github.com/Koha-Community/Koha/blob/master/C4/Auth_with_shibboleth.pm <https://github.com/Koha-Community/Koha/blob/master/C4/Auth_with_shibboleth.pm>>
> >
> > I inserted the following into the Apache configuration file
> > <instance>.conf to tell Apache to allow Koha (with Plack
> running) to
> > authenticate via Shibboleth:
> >
> > <Location />
> > AuthType shibboleth
> > Require shibboleth
> > ShibUseEnvironment Off
> > ShibUseHeaders On
> > </Location>
> >
> > Replacing "kohaserver.yourdomain.example.com
> <http://kohaserver.yourdomain.example.com>
> > <http://kohaserver.yourdomain.example.com
> <http://kohaserver.yourdomain.example.com>>" with the actual domain I
> > tried all sorts of configuration but all I ever get is just the
> > following message instead of the expected XML:
> >
> > Sorry, the requested page is not available
> > Error 404
> >
> > What may be the cause for this? Is maybe the directory/file
> > "Shibboleth.sso/Metadata" not existing, but how to create it?
> >
> > Best wishes: Michael
> > --
> > Geschäftsführer · Diplombibliothekar BBS, Informatiker eidg.
> Fachausweis
> > Admin Kuhn GmbH · Pappelstrasse 20 · 4123 Allschwil · Schweiz
> > T 0041 (0)61 261 55 61 · E mik at adminkuhn.ch
> <mailto:mik at adminkuhn.ch>
> > <mailto:mik at adminkuhn.ch <mailto:mik at adminkuhn.ch>> · W
> www.adminkuhn.ch <http://www.adminkuhn.ch> <http://www.adminkuhn.ch
> <http://www.adminkuhn.ch>>
> > _______________________________________________
> >
> > Koha mailing list http://koha-community.org
> <http://koha-community.org> <http://koha-community.org
> <http://koha-community.org>>
> > Koha at lists.katipo.co.nz <mailto:Koha at lists.katipo.co.nz>
> <mailto:Koha at lists.katipo.co.nz <mailto:Koha at lists.katipo.co.nz>>
> > Unsubscribe: https://lists.katipo.co.nz/mailman/listinfo/koha
> <https://lists.katipo.co.nz/mailman/listinfo/koha>
> > <https://lists.katipo.co.nz/mailman/listinfo/koha
> <https://lists.katipo.co.nz/mailman/listinfo/koha>>
> >
>
>
More information about the Koha
mailing list