jehanprocvery good this plugin !
I first had problems setting the lazy session URL,
the default installation sets something like
Session Initiator URL: https://yourwebsite.domain/Shibboleth.sso/Login
The lazy session URL is based on shibboleth2.xml this way:
handler_url + ref_session_initiator + parameters
in my case, my shibboleth2.xml contains this wayf Location definition
<SessionInitiator type="Chaining" Location="/wayf" id="WAYF" relayState="cookie">
<SessionInitiator type="WAYF" defaultACSIndex="5" URL="https://yourWayfServer.domain/WAYF/WAYF.php"/>
Then I constructed the lazy session URL this way:
Session Initiator URL: https://yourwebsite.domain/Shibboleth.sso/wayf
and now it works fine.
I can authenticate (authn) through shibboleth (CAS SSO) , then authorize (authz) while setting roles automatically from ldap attribute released by the IDP .
Very smart , thanks a lot to the author.
