From d1469da56d5a82ee80a10dda9d6cc3bf9d067f9a Mon Sep 17 00:00:00 2001 From: Scott Koranda Date: Tue, 31 Mar 2020 09:52:39 -0500 Subject: [PATCH] Add further details on simple development sandbox Added a note that one can add a username used in basic auth that mocks up what the Shibboleth SP or other authentication module will populate into REMOTE_USER. --- docs/simple-development.md | 12 +++++++++++- 1 file changed, 11 insertions(+), 1 deletion(-) diff --git a/docs/simple-development.md b/docs/simple-development.md index ee4f1f2..3b3b0b5 100644 --- a/docs/simple-development.md +++ b/docs/simple-development.md @@ -181,6 +181,16 @@ Restart the services and you can now authenticate to COmanage Registry using the username and password combination you added to the password file. +Note that an authentication module used in production, like the +Shibboleth Service Provider (SP), often sets the "username" to a +more sophisticated value. For example, if the Shibboleth SP is configured +to consume eduPersonPrincipalName (ePPN) and populate that into +`REMOTE_USER` then the "username" might be a value like +`scott.koranda@uwm.edu`. + +You can mock up the same behavior by simply adding the "username" +`scott.koranda@uwm.edu` with a password using the above technique. + ### Mocking Apache CGI environment variables Some COmanage Registry functionality, such as the @@ -188,7 +198,7 @@ Some COmanage Registry functionality, such as the Organizational Identity Source, requires that the Apache HTTP Server set Apache CGI environment variables. These environment variables are usually set by more sophisticated authentication modules like the -Shibboleth Service Provider (SP). You can mock up the same +Shibboleth (SP). You can mock up the same behavior using the [SetEnv](https://httpd.apache.org/docs/2.4/mod/mod_env.html) directive for Apache.