Child pages
  • SP Install

Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.
Comment: Migrated to Confluence 5.3

Table of Contents
maxLevel2
stylenone


Anchor
spInst1
spInst1

1. Requirement for Shibboleth SP (Version 2.4 or later)

Required packages to be installed:

  • Apache HTTP Server 2.2 or later, with mod_ssl

Please check latest information on the site of original Shibboleth:
LinuxMac OS XSolarisWindowsJava Servlets


Anchor
spInst2
spInst2

2. Installation of Operating System

2.1. Configuration at OS installation

2.2. Register to DNS server in your domain

In local testing environment, registering to /etc/hosts may be enough.

2.3. Configuration on time synchronization

Use of NTP is recommended. Configure ntpd to refer nearby NTP servers.

(It may be configured already at installation to refer default NTP servers provided by pool.ntp.org project, though)

Shibboleth IdP and SP must work within 5min difference of clock.


Anchor
spInst3
spInst3

3. Installation of Shibboleth SP

The yum repository is available from the SP version 2.3, making the installing procedure very easy.
The instruction described here is for the following OS.

Please refer to the following instruction in case of the other OS.

The above OS but x86_64
⇒Please modify "yum install shibboleth" as "yum install shibboleth.x86_64" in the instruction below.
Other Linux distribution
Here
Other OS
Here

Info

WS Participants

The following instruction requires the Internet connection. If you don't have the Internet connection, all required files are stored under /root/source directory and you can install directly with this command.

# rpm -ivh /root/source/*.rpm

 

3.1. Add repository file 

  Download the repository file for Shibboleth.
  (Following command is for the CentOS 6. In case of different OS, please modify the part of URL described as "CentOS_CentOS-6")

Panel
borderColor#cccccc
bgColor#eeeeee
borderStylesolid
# wget http://download.opensuse.org/repositories/security://shibboleth/CentOS_CentOS-6/security:shibboleth.repo

 Add the downloaded repository file to yum.
 (File name is modified since using colon in the file name is not my preference^^)

Panel
borderColor#cccccc
bgColor#eeeeee
borderStylesolid
# cp security\:shibboleth.repo /etc/yum.repos.d/shibboleth.repo

3.2. Install 

Info

WS Participants

If you are installing the software from /root/source directory by using rpm command, skip these steps and go straight to section 3.3 .

In order to install the shibboleth SP, just type the following command.

Panel
borderColor#cccccc
bgColor#eeeeee
borderStylesolid
# yum install shibboleth

Following packages will also be installed additionally (This is an example in case of prepared Virtual Box image 2014-01-07).

Panel
borderColor#cccccc
bgColor#eeeeee
borderStylesolid

================================================================================
 Package               Arch     Version             Repository             Size
================================================================================
Installing:
 shibboleth            x86_64   2.5.3-1.1           security_shibboleth   1.3 M
Installing for dependencies:
 libcurl-openssl       x86_64   7.33.0-1.1          security_shibboleth   189 k
 liblog4shib1          x86_64   1.0.8-1.1           security_shibboleth    69 k
 libmemcached          x86_64   0.31-1.1.el6        base                   80 k
 libsaml8              x86_64   2.5.3-1.1           security_shibboleth   966 k
 libtool-ltdl          x86_64   2.2.6-15.5.el6      base                   44 k
 libxerces-c-3_1       x86_64   3.1.1-2.1           security_shibboleth   878 k
 libxml-security-c17   x86_64   1.7.2-2.1           security_shibboleth   273 k
 libxmltooling6        x86_64   1.5.3-1.1           security_shibboleth   685 k
 opensaml-schemas      x86_64   2.5.3-1.1           security_shibboleth    30 k
 unixODBC              x86_64   2.2.14-12.el6_3     base                  378 k
 xmltooling-schemas    x86_64   1.5.3-1.1           security_shibboleth    12 k
 
Transaction Summary
================================================================================
Install      12 Package(s)

3.3. httpd Setting  

Setup ServerName in /etc/httpd/conf.d/ssl.conf

Panel
borderColor#cccccc
bgColor#eeeeee
borderStylesolid

ServerName sp.example.asia:443        ← Hostname

4. Start shibd daemon 

 Start shibd daemon by the following command.

Panel
borderColor#cccccc
bgColor#eeeeee
borderStylesolid
# service shibd start

5. Basic operation of SP

httpd start up:

Panel
borderColor#cccccc
bgColor#eeeeee
borderStylesolid
# service httpd start

shibd start up:

Panel
borderColor#cccccc
bgColor#eeeeee
borderStylesolid
# service shibd start

httpd termination

Panel
borderColor#cccccc
bgColor#eeeeee
borderStylesolid
# service httpd stop

shibd termination

Panel
borderColor#cccccc
bgColor#eeeeee
borderStylesolid
# service shibd stop

httpd restart (stop→start)

Panel
borderColor#cccccc
bgColor#eeeeee
borderStylesolid
# service httpd restart

shibd restart (stop→start)

Panel
borderColor#cccccc
bgColor#eeeeee
borderStylesolid
# service shibd restart
Info
In addition to shibd, httpd is also include SP configuration file (shibboleth2.xml), therefore, please restart httpd when you modify the SP configuration. Shibboleth module (mod_shib) which is involved in the httpd, will include shibboleth2.xml.



 

Proceed to next step for configuration of SP