1. Requirement for Shibboleth SP (Version 2.4 or later)
Required packages to be installed:
- Apache HTTP Server 2.2 or later, with mod_ssl
Please check latest information on the site of original Shibboleth:
Linux, Mac OS X, Solaris, Windows, Java Servlets
2. Installation of Operating System
2.1. Configuration at OS installation
- Packages required to be installed at OS installation (CentOS 6 assumed):
- Apache Web Server (httpd)
- PHP (php), or any execution environment for web applications
- and others you need.
SELinux is not supported with this document. Please confirm it is disabled with:
$ /usr/sbin/getenforce
Disabled hostname
Determine a hostname for SP: sp.example.asia
Hostname is defined as follows in /etc/sysconfig/networkHOSTNAME=sp.example.asia
2.2. Register to DNS server in your domain
In local testing environment, registering to /etc/hosts may be enough.
2.3. Configuration on time synchronization
Use of NTP is recommended. Configure ntpd to refer nearby NTP servers.
(It may be configured already at installation to refer default NTP servers provided by pool.ntp.org project, though)
Shibboleth IdP and SP must work within 5min difference of clock.
3. Installation of Shibboleth SP
The yum repository is available from the SP version 2.3, making the installing procedure very easy.
The instruction described here is for the following OS.
- CentOS 5/6, Red Hat Enterprise Linux 4/5/6 (i386)
- SUSE Linux Enterprise Server 10/11(no label/SP1/SP2) (i386)
- OpenSUSE Linux 11.3/11.4/12.1 (i386)
Please refer to the following instruction in case of the other OS.
The above OS but x86_64
⇒Please modify "yum install shibboleth" as "yum install shibboleth.x86_64" in the instruction below.
Other Linux distribution
⇒Here
Other OS
⇒Here
WS Participants
The following instruction requires the Internet connection. If you don't have the Internet connection, all required files are stored under /root/source directory and you can install directly with this command.
# rpm -ivh /root/source/*.rpm
3.1. Add repository file
Download the repository file for Shibboleth.
(Following command is for the CentOS 6. In case of different OS, please modify the part of URL described as "CentOS_CentOS-6")
# wget http://download.opensuse.org/repositories/security://shibboleth/CentOS_CentOS-6/security:shibboleth.repo
Add the downloaded repository file to yum.
(File name is modified since using colon in the file name is not my preference^^)
# cp security\:shibboleth.repo /etc/yum.repos.d/shibboleth.repo
3.2. Install
WS Participants
If you are installing the software from /root/source directory by using rpm command, skip these steps and go straight to section 3.3 .
In order to install the shibboleth SP, just type the following command.
# yum install shibboleth
Following packages will also be installed additionally (This is an example in case of prepared Virtual Box image 2014-01-07).
================================================================================
Package Arch Version Repository Size
================================================================================
Installing:
shibboleth x86_64 2.5.3-1.1 security_shibboleth 1.3 M
Installing for dependencies:
libcurl-openssl x86_64 7.33.0-1.1 security_shibboleth 189 k
liblog4shib1 x86_64 1.0.8-1.1 security_shibboleth 69 k
libmemcached x86_64 0.31-1.1.el6 base 80 k
libsaml8 x86_64 2.5.3-1.1 security_shibboleth 966 k
libtool-ltdl x86_64 2.2.6-15.5.el6 base 44 k
libxerces-c-3_1 x86_64 3.1.1-2.1 security_shibboleth 878 k
libxml-security-c17 x86_64 1.7.2-2.1 security_shibboleth 273 k
libxmltooling6 x86_64 1.5.3-1.1 security_shibboleth 685 k
opensaml-schemas x86_64 2.5.3-1.1 security_shibboleth 30 k
unixODBC x86_64 2.2.14-12.el6_3 base 378 k
xmltooling-schemas x86_64 1.5.3-1.1 security_shibboleth 12 k
Transaction Summary
================================================================================
Install 12 Package(s)
3.3. httpd Setting
Setup ServerName in /etc/httpd/conf.d/ssl.conf
ServerName sp.example.asia:443
← Hostname
4. Start shibd daemon
Start shibd daemon by the following command.
# service shibd start
5. Basic operation of SP
httpd start up:
# service httpd start
shibd start up:
# service shibd start
httpd termination
# service httpd stop
shibd termination
# service shibd stop
httpd restart (stop→start)
# service httpd restart
shibd restart (stop→start)
# service shibd restart
Proceed to next step for configuration of SP