the shibb portal
Tue, Nov 7, 2006
So, after much hair pulling and gnashing of teeth, I finally got round my session propagation problem. I’ve created a new Sakai portal, /shibb but not matter where I authenticated, either in charon first, as admin, or as admin in /shibb, the session was never passed between the portals. So logging in using /shibb resulted in the usual login page on charon after the redirect.
Now, I’m using Eclipse, which is probably worst DE on the planet. DE? yes, it’s hardly integrated with anything! So I went into shell mode and did some find dotting and grepping to get into the SessionManager, which eventually led me into the RequestFilter. It then struck me that RequestFilter was never invoked on /shibb and so when it was invoked on /portal, it was finding the cookie but no session. So it was creating a new one, hence the loss of user info in the session created in /shibb.
So I looked at /shibb’s web.xml and DOH! I’d just copied the mercury portal’s web.xml and forgot to change the filter mapping. It was still invoking the request filter for sakai.portal.mercury. I changed it to sakai.portal.shibb and lo and behold, all began working!
So now I can login using code in /shibb and redirect to /portal and the user is still logged in.
Now it’s time to stick a Guanxi Guard in front of /shibb and start coding up some Sakai SAML providers.