Skip to content
Container files for the TIER Shibboleth UI Project
Dockerfile Shell
Branch: master
Clone or download
pcaskey Merge pull request #8 from docker/1.7.0-RC2
enable beacon in test-compose
Latest commit 88dc057 Feb 12, 2020
Type Name Latest commit message Commit time
Failed to load latest commit information.
bootstrapfiles Update and rename shibui-1.7.0-RC2.jar.sha256sum to shibui-1.7.0-RC2.… Feb 11, 2020
containerfiles Update supervisord.conf Feb 11, 2020
test-compose enable beacon Feb 12, 2020
Dockerfile Update Dockerfile Feb 11, 2020
Jenkinsfile Update Jenkinsfile Mar 1, 2019 Update Jan 14, 2020
common.bash Update common.bash Feb 11, 2020


Code and files for the TIER Shibboleth UI Project

This repository contains both:

  • the needed artifacts to build (including auto-builds through Jenkins) a Docker image of the Shibboleth UI,
  • and a "testbed" that provides the full environment one needs to explore and gain experience with the Shibboleth UI.

The Docker image of the Shibboleth UI follows the TIER Docker packaging standards, utilizing CentOS7, the Zulu JDK, supervisord, and the TIER Beacon configuration.

How To

  • Install Docker. These instructions require version 17.03.1 or higher.

  • TIER has the latest image for Shib UI. If for some reason you need to build your own, you can do it with something like the following:

docker build --rm -t tier/shib-idp-ui
  • And then that image could be run with something like the following:
docker run -p 8080:8080 -v {yourlocalfile}:/opt/shibui/ tier/shib-idp-ui

Note that you'll almost certainly want to create a "local file" ('{yourlocalfile}' above) that contains the core application settings you want, overriding the defaults that in the Shib UI Jar file. Your file should be mounted at the location /opt/shibui/ The current set of supported properties is documentation in the Internet2 Github Shib UI repository, but is also shown at the end of this Readme.

Now that you have it running, you could access it at something like:


If you did not set an explicit password in your local, you'll have to look at the startup "console messages" and find the one generated at startup, with a line that starts: Using generated security password:. The username is: user

Testbed environment

  • There is a "testbed" environment that you can build and run that is embedded into this repository. That testbed includes the:
  • Shibboleth UI,
  • a Shibboleth IdP
    • with a shared filesystem between the Shibboleth UI and Shibboleth IdP,
  • an LDAP server as the base credential/attribute store for the IdP,
  • and the TIER Maria DB image for the UI's persistent database.

To setup that testbed, you need to:

  • Clone this repository:
git clone
  • cd into test-compose/
  • Run the following command:
docker-compose kill; docker-compose rm; docker-compose build && docker-compose up

You can then get started like above:


The default userid is: root

The default password is: letmein7

Default Properties

This is a reflection of the default file included in the distribution. Note that lines beginning with # are commented out.

# Server Configuration

# Logging Configuration

# Database Credentials

# Database Configuration H2

# Database Configuration PostgreSQL

#Maria/MySQL DB

# Liquibase properties

# Hibernate properties
# for production never ever use create, create-drop. It's BEST to use validate


# Set the following property to periodically write out the generated metadata files. There is no default value; the following is just an example
# shibui.metadata-dir=/opt/shibboleth-idp/metadata/generated



#Actuator endpoints (info)
# Un-comment to get full git details exposed like author, abbreviated SHA-1, commit message

# metadata-providers.xml write configuration

# Set the following property to periodically write out metadata providers configuration. There is no default value; the following is just an example
# shibui.metadataProviders.taskRunRate=30000
You can’t perform that action at this time.