Page History
...
Note |
---|
The properties file If OTOH you intend to use the |
After changes to (any) property files you'll need to restart the whole container (i.e., Tomcat) for the changes to become active:
No Format |
---|
systemctl restart tomcat9 |
In order to test/verify your authentication configuration you may use the methodology described in our Testing an IDP documentation.
...
...
E.g. you may be interested in the automated account lockout feature (even though this allows anyone to DoS individual accounts simply by repeatedly providing an incorrect passwort for given accounts), see Account Lockout under Advanced Features in the Shibboleth IDP documentation. In the simplest case you just need to uncomment the bean with id="shibboleth.authn.Password.AccountLockoutManager"
in the file /opt/shibboleth-idp/conf/authn/password-authn-config.xml
(and optionally adjust the parameters to taste). The page for Account Lockout Management explains how to lock/unlock accounts via HTTP and therefore also from the command line using cURL.
As always, after changes to any property files you'll need to restart the whole container (i.e., Tomcat) for the changes to become active:
No Format |
---|
systemctl restart tomcat9 |