Skip to main content
Ex Libris Knowledge Center

Shibboleth Silent-Login Configuration for the New UI using PDS



The out of the box PDS configurations do not allow silent-login for a user already authenticated to the IDP.

The below guide provides an enhancement that allows Single Sign On between a PDS that has been set up with a Shibboleth SP and other SAML applications.



1) Find the entityID of the institution’s IDP.

grep 'SSO entityID' /etc/shibboleth/shibboleth2.xml



2) open the relevant tab service

pdsroot;cd conf_table; vim tab_service.example



3) Add the below section to the tab service that we are configuring silent-login for:



program =

params = shib.conf



4) Copy to be customized

pdsroot;cd service_proc; cp –p; vim



Replace row 69 : $file_name_shrt = "sso";

With: $file_name_shrt="redirect-remote-shib-sso";


5) Create the file redirect-remote-shib-sso with the below contents

Replace idp_entity_id with the entity of the institution’s idp (step 1)


pdsroot;cd html_form/institute-example;vim redirect-remote-shib-sso


<html> <head> <title>Redirecting</title> <include>meta-tags <meta http-equiv="refresh" content="0; url=&server_httpsd/shib/$0300/pds_main?func=load-login&calling_system=$0200&institute=$0300&PDS_HANDLE=$0100&url=$0400">
<script language=Javascript> function redirect() { var url = "&server_httpsd/Shibboleth.sso/Login?entityID=<idp_entity_id>&isPassive=true&target=&server_httpsd/shib/$0300/pds_main?func=load-login"; var urlcom = "&calling_system=$0200&institute=$0300&PDS_HANDLE=$0100&url=$0410"; top.location = url + encodeURIComponent(urlcom); }
<body onload="javascript:redirect()"> </html>

  • Article last edited: DD-Mmm-YYYY