...
* If MySQL has already been installed as an initial component, you can skip this step.
Set up /etc/my.cnf
Code Block |
---|
[mysqld]
datadir=/var/lib/mysql
socket=/var/lib/mysql/mysql.sock
user=mysql
symbolic-links=0
# old_passwords=1 makes the server generate the short pre-4.1 password hash format
old_passwords=1
default-character-set = utf8

[mysqld_safe]
log-error=/var/log/mysqld.log
pid-file=/var/run/mysqld/mysqld.pid

[mysql]
default-character-set = utf8 |
Execute
Code Block |
---|
$ sudo /etc/init.d/mysqld start
$ sudo chkconfig mysqld on |
Create Database
Code Block |
---|
$ mysql -u root
CREATE DATABASE vo;
GRANT ALL PRIVILEGES ON vo.* TO 'vouser'@'localhost' IDENTIFIED BY 'YOUR OWN PASSWORD'; |
Installing and Setting Up PHP
Install PHP using the following commands.
Code Block |
---|
$ sudo yum install php
$ sudo yum install php-devel php-gd php-mbstring php-pdo
$ sudo yum install php-mysql php-xml
$ sudo /etc/init.d/httpd restart |
Setting Up Timezone
Set the timezone in /etc/php.ini. Change the value “Asia/Tokyo” to match your local timezone.
Code Block |
---|
date.timezone = "Asia/Tokyo" |
Installing and Setting Up Mail Server
...
Install and set up a mail server using Postfix or Sendmail. The following instructions are for Postfix.
Install
Code Block |
---|
$ sudo yum install postfix |
Set Up Postfix
Modify the parameters to suit your local environment.
Code Block |
---|
/etc/postfix/main.cf |
Execute
Code Block |
---|
$ sudo /etc/init.d/postfix start
$ sudo chkconfig postfix on |
Installing Attribute Provider (SP)
The Shibboleth SP that was installed in section 4 will be configured for the Attribute Provider.
Download the required files from the following URL.
https://forge.gakunin.nii.ac.jp/svn/GakuNinmAP/local-map/sp-conf/
Please obtain an account from the GakuNin Office if authentication is requested.
- attribute-map.xml
- attribute-policy.xml
- shibboleth2.xml
- attr.php
- embedded-wayf_config.js
Modify Setting
- attribute-policy.xml
Modify “Host Name of the SP” to this server's host name.
- shibboleth2.xml
Modify “Host Name of the IdP” to your university's IdP, which authenticates users.
The certificate and key files in the “CredentialResolver” also have to be changed to match the server certificate.
Initial Setting of the CredentialResolver
Code Block |
---|
<CredentialResolver type="File" key="cert/server.key" certificate="cert/server.crt"/> |
* The owner of these files has to be changed to shibd.
- embedded-wayf_config.js
Modify “Host Name of the Server” to the name of this server.
The values in wayf_additional_idps also have to be changed.
Copy Files
Code Block |
---|
Back Up First
$ sudo cp /etc/shibboleth/attribute-map.xml /etc/shibboleth/attribute-map.xml.bk
$ sudo cp /etc/shibboleth/attribute-policy.xml /etc/shibboleth/attribute-policy.xml.bk
$ sudo cp /etc/shibboleth/shibboleth2.xml /etc/shibboleth/shibboleth2.xml.bk
Then Copy
$ sudo cp attribute-map.xml /etc/shibboleth/.
$ sudo cp attribute-policy.xml /etc/shibboleth/.
$ sudo cp shibboleth2.xml /etc/shibboleth/.
$ sudo mkdir /var/www/html/secure
$ sudo cp attr.php /var/www/html/secure/.
$ sudo mkdir /var/www/html/js
$ sudo cp embedded-wayf_config.js /var/www/html/js/. |
Metadata Deployment
- Store the metadata of the SP of this server in the following location.
/etc/shibboleth/metadata/sp-metadata.xml
- Store the metadata of the IdP of this server in the following location.
/opt/shibboleth-idp/metadata/idp-metadata.xml
* shibd has to be restarted after “10. Installing Attribute Provider (IdP)”, since the metadata of the IdP has not yet been generated at this point.
- Store the metadata of the IdP which utilizes university authentication.
/etc/shibboleth-idp/metadata/uni-idp-metadata.xml
- Federation Metadata
If required, federation metadata has to be included via the shibboleth2.xml configuration.
Restart
Code Block |
---|
$ sudo /etc/init.d/shibd restart
$ sudo /etc/init.d/httpd restart |
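A check for the CredentialResolver step above, which requires the key and certificate files to be owned by shibd. This is an added example, not part of the original guide. It assumes GNU stat and an RSA key, the function names are hypothetical, and the test that group and others have no access to the key is an extra check the guide does not state.

```shell
#!/bin/sh
# Added example (not from the original guide). Assumes Linux with GNU stat.

# check_key_perms KEY OWNER
# Returns 0 if KEY is a regular file (not a symlink), owned by OWNER, and
# carries no group/other permission bits. Otherwise prints why and returns 1.
check_key_perms() {
    _key=$1; _want=$2
    if [ -L "$_key" ] || [ ! -f "$_key" ]; then
        echo "FAIL: $_key is missing or not a regular file"; return 1
    fi
    _owner=$(stat -c '%U' "$_key")
    _mode=$(stat -c '%a' "$_key")
    if [ "$_owner" != "$_want" ]; then
        echo "FAIL: $_key is owned by $_owner, expected $_want"; return 1
    fi
    # The leading 0 makes the shell read the mode as octal; 077 masks the
    # group and other bits, which must all be clear for a private key.
    if [ $(( 0$_mode & 077 )) -ne 0 ]; then
        echo "FAIL: $_key has mode $_mode, group/other can access it"; return 1
    fi
    echo "OK: $_key owner=$_owner mode=$_mode"
}

# key_matches_cert KEY CERT
# Returns 0 if the RSA modulus of KEY equals the modulus in CERT, i.e. the
# certificate named in CredentialResolver really belongs to that key.
key_matches_cert() {
    _k=$(openssl rsa -noout -modulus -in "$1" 2>/dev/null) || return 1
    _c=$(openssl x509 -noout -modulus -in "$2" 2>/dev/null) || return 1
    [ -n "$_k" ] && [ "$_k" = "$_c" ]
}

# Script usage: sh check.sh KEY CERT OWNER
# Pass the paths your shibboleth2.xml CredentialResolver points to, with
# shibd as OWNER.
if [ "$#" -eq 3 ]; then
    check_key_perms "$1" "$3" &&
        key_matches_cert "$1" "$2" &&
        echo "OK: key matches certificate"
fi
```

Run it as root after copying the configuration and before restarting shibd; a FAIL line names the file and the property that needs fixing.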
Installing Attribute Provider (IdP)
...
Importing the Account Data from the Existing Database
Metadata
Validation