If you are seeing noticeable delays after authentication, you can add a "please wait" screen which will be displayed until the application takes over the display. The delay may be due to slow processing of the attributes that the IdP is sending to the SP or just some sporadic network delays.
Shibboleth IdP version 2.x
In the 2.x version there are four velocity template files that need to be updated. They are contained in the opensaml jar that is part of the idp.war. There are a few things to do:
- Find the opensamlxxx.jar file that is located in the idp/lib directory
- Export the template files into another directory that you will use for editing. Let's call it mytemplates.
- Add text to the four files that indicates that the user has been authenticated, but may need to wait a moment for the app to start.
- Put the files in an archive that uses the directory as part of the path.
- Add the archive to your ClassPath (note: tomcat 6.x starts a fresh CLASSPATH variable in the startup.sh)
- Edit the conf/internal.xml file with the new directory path (mytemplates)
- Restart your IdP
Files and contents
The files are saml1-post-binding.vm, saml2-post-artifact-binding.vm, saml2-post-binding.vm, saml2-post-simplesign-binding.vm.
Example contents for saml2-post-binding.vm. Add the following to the existing contents: