Configuring for Shibboleth

Open the top-level .htaccess file and add the following:

 # Shib lazy session
 AuthType shibboleth
 ShibRequestSetting requireSession 0
 ShibUseHeaders On
 Require shibboleth

Locate the <IfModule mod_rewrite.c> section and scroll down until you find the section that reroutes all URLs not directly referring to files on the filesystem to index.php.  You should find an exception for favicon.ico.  Add an exception for Shibboleth as well.

 RewriteCond %{REQUEST_FILENAME} !-f
 RewriteCond %{REQUEST_FILENAME} !-d
 RewriteCond %{REQUEST_URI} !=/favicon.ico
 RewriteCond %{REQUEST_URI} !^/Shibboleth.sso($|/)
 RewriteRule ^ index.php [L]

Go to https://drupal.org/project/shib_auth and get the module for your chosen version of Drupal.  Install the module.  You should now have a “Shibboleth” section at the bottom of your module list. Click on the “configure” link for its module.

General Settings tab:

  • Shibboleth login handler URL – https://yoursite.osu.edu/Shibboleth.sso/Login
  • Shibboleth logout handler URL – https://yoursite.osu.edu/Shibboleth.sso/Logout
  • Force HTTPS on login – checked
  • Server variable for username – REMOTE_USER
  • Server variable for e-mail address – HTTP_EMAIL

Advanced Settings tab

  • Destroy Drupal session when the Shibboleth session expires – checked

The other settings can be left as the defaults

Test Shib login with your OSU name.# account. It will become a new user account so it may need to be activated by the superuser.

 


Need More Information?

Is OSU Web Hosting right for you? Check your eligibility.

More questions? Check the support section or contact us.

Ready to get started? Request hosting now!