...

Following document instructs how to install Shibbolized Tiqr (or "tiqrshib") in the IdP environment. Please feel free to contact us (tiqr at meatmail.jp) if you have any difficulty during installation.

About Enviroment

This instruction is for Shibbolized Tiqr 2.2. Shibbolized Tiqr is tested under the following environment.

• CentOS 7.35
• httpd 2.4
• PHP 5.4
• Oracle JDK 1.8
• Apache Maven 3.2
• Tomcat 89.0
• Shibboleth IdP 3.34.10
• Shibboleth SP 23.60

This document assumes Shibboleth IdP and SP are configured and ready for SAML SSO; IdP should be able to authenticate users per SP's authn request, and supply users' attributes back to SP appropriately. Some attributes must be supplied to SP because Shibbolized Tiqr implicitly requires them:

...

$ mkdir -p /opt/tiqrzend/db/
$ sqlite3 /opt/tiqrzend/db/secrets.db
sqlite> CREATE TABLE IF NOT EXISTS tiqrshibsecrets (
...> `id` integer NOT NULL PRIMARY KEY AUTOINCREMENT,
...> `uid` text NOT NULL UNIQUE,
...> `secret` text DEFAULT NULL,
...> `isActive` integer DEFAULT NULL,
...> `loginattempts` integer DEFAULT NULL,
...> `isBlocked` integer DEFAULT NULL);
sqlite> (exit)
$ sudo chown -R apache: /opt/tiqrzend/db
$ sudo chmod -R go-rwx /opt/tiqrzend/db

...

$ ls
pom.xml  src
$ mvn -DskipTests=false clean package
... (a lot of logs) ...
[INFO] ------------------------------------------------------------------------
[INFO] BUILD SUCCESS
[INFO] ------------------------------------------------------------------------
[INFO] Total time: 1.683 s
[INFO] Finished at: 2017-09-05T16:41:39+09:00
[INFO] Final Memory: 24M/361M
[INFO] ------------------------------------------------------------------------
$ ls
pom.xml  src  target
$ ls target/
classes  maven-archiver  tiqrshibauthn-2.02.jar

Here, tiqrshibauthn-2.0x.jar in target/ is what we want.

...

# systemctl stop tomcat

Place tiqrshibauthn-2.0x.jar in /opt/shibboleth-idp/edit-webapp/WEB-INF/lib/ directory.

# cp -i .../tiqrshibauthn-2.0?.jar /opt/shibboleth-idp/edit-webapp/WEB-INF/lib/

...