This documentation relates to uPortal 4.0
If you are using a different version, please click on "Click for all versions" on the left side of the page and select the relevant version.

Page History

Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

Step 1 - Security Context

Shibboleth only configuration

Configure uPortal to get the username from the REMOTE_USER header. Update the uportal-war/src/main/resources/properties/security.properties file:

Code Block
## This is the factory that supplies the concrete authentication class
root=org.jasig.portal.security.provider.UnionSecurityContextFactory
#root.cas=org.jasig.portal.security.provider.cas.CasAssertionSecurityContextFactory
#root.cas=org.jasig.portal.security.provider.cas.clearpass.PasswordCachingCasAssertionSecurityContextFactory
root.remote=org.jasig.portal.security.provider.RemoteUserSecurityContextFactory
root.simple=org.jasig.portal.security.provider.SimpleSecurityContextFactory

Shibboleth only configuration

Optionally, to ensure the Shibbolized uPortal instance has no chance of using anything but Shibboleth for authN, comment out the root.simple context as well.

Warning
titleUnionSecurityContextFactory

WARNING – do not remove the line root=org.jasig.portal.security.provider.UnionSecurityContextFactory. The RemoteUserPersonManager expects the RemoteUserSecurityContext to be a child of the root, not the root itself.

...

Code Block
root=org.jasig.portal.security.provider.RemoteUserSecurityContextFactory

Multiple Authentication Systems

To enable multiple authentication systems use UnionSecurityContextFactory as root. With multiple authentication systems, uPortal will attempt to authenticate the user to all systems until one is successful.

...