The purpose of this document is to install and validate the local mAP environment.
Following environment is required for installing local mAP.
Table 2‑1 Required Software
Software Name | Version | Notes |
CentOS (64bit) | 6.5 | Operating System |
Shibboleth-SP | 2.5.3 (*1) | Service Provider |
Shibboleth-IdP | 2.4.0 | Identity Provider |
Apache HTTP Server | 2.2.15 (*1) | WEB Server |
Java | JDK 7 Update 45 or openjdk 1.6.0 | IdP Executable Environment |
Apache Tomcat | 6.0.24 (*1) | Servlet Container |
MySQL | 5.1.71 (*1) | Relational Database |
Postfix | 2.6.6 (*1) | Mail Transfer Agent |
PHP | 5.3.3 (*1) | Programing Language |
*1 Latest version of yum package as of 2014/2/28
Please install shibboleth SP while referring to the install guide.
Shibboleth SP Install Guide
https://meatwiki.nii.ac.jp/confluence/display/GakuNinShibInstallen/SP+Install
In addition to shibboleth SP, apache, mod_ssl and NTP will be install simultaneously. Please setup these environment as well.
Please install shibboleth IdP while referring to the install guide.
Shibboleth SP Install Guide
https://meatwiki.nii.ac.jp/confluence/display/GakuNinShibInstallen/IdP+Install+Manual
In addition to shibboleth IdP, Java and Tomcat will be install as well. Please setup these environment as well.
Install MySQL by using following command.
$ sudo yum install mysql-server |
* If the MySQL has already been installed as the initial component, you can skip this process.
[mysqld] datadir=/var/lib/mysql socket=/var/lib/mysql/mysql.sock user=mysql symbolic-links=0 old_passwords=1 default-character-set = utf8 [mysqld_safe] log-error=/var/log/mysqld.log pid-file=/var/run/mysqld/mysqld.pid [mysql] default-character-set = utf8 |
$ sudo /etc/init.d/mysqld start $ sudo chkconfig mysqld on |
$ mysql -u root CREATE DATABASE vo; GRANT ALL PRIVILEGES ON vo.* TO 'vouser'@'localhost' IDENTIFIED BY 'YOUR OWN PASSWORD'; |
Please install PHP by using following command.
$ sudo yum install php $ sudo yum install php-devel php-gd php-mbstring php-pdo $ sudo yum install php-mysql php-xml $ sudo /etc/init.d/httpd restart |
$ sudo yum install php $ sudo yum install php-devel php-gd php-mbstring php-pdo $ sudo yum install php-mysql php-xml $ sudo /etc/init.d/httpd restart |
Add timezone in /etc/php.ini . Parameter “Asia/Tokyo” should be changed depending on your local time.
date.timezone = "Asia/Tokyo" |
Please install and setup mail server by using Postfix or Sendmail. Following instruction is for Postfix.
$ sudo yum install postfix |
Please modify parameters depending on your local environment.
/etc/postfix/main.cf |
$ sudo /etc/init.d/postfix start $ sudo chkconfig postfix on |
Shibboleth SP which has been installed in section 4 will be configured for Attribute Provider.
https://forge.gakunin.nii.ac.jp/svn/GakuNinmAP/local-map/sp-conf/ Please obtain an account from GakuNin Office if authentication is requested. attribute-map.xml |
shibboleth2.xml
Modify “Host Name of the IdP” to your university IdP which authenticate users.
Certificate and Key files in the “CredentialResolver” also have to be changed depending on theにserver certificate.
Initial Setting of the CredentialResolver
<CredentialResolver type="File" key="cert/server.key" certificate="cert/server.crt"/> |
* Owner of these files have to be changed as shibd.
Back Up First $ sudo cp /etc/shibboleth/attribute-map.xml /etc/shibboleth/attribute-map.xml.bk $ sudo cp /etc/shibboleth/attribute-policy.xml /etc/shibboleth/attribute-policy.xml.bk $ sudo cp /etc/shibboleth/shibboleth2.xml /etc/shibboleth/shibboleth2.xml.bk Then Copy $ sudo cp attribute-map.xml /etc/shibboleth/. $ sudo cp attribute-policy.xml /etc/shibboleth/. $ sudo cp shibboleth2.xml /etc/shibboleth/. $ sudo mkdir /var/www/html/secure $ sudo cp attr.php /var/www/html/secure/. $ sudo mkdir /var/www/html/js $ sudo cp embedded-wayf_config.js /var/www/html/js/. |
$ sudo /etc/init.d/shibd restart$ sudo /etc/init.d/httpd restart |
Back Up First
$ sudo cp /etc/shibboleth/attribute-map.xml /etc/shibboleth/attribute-map.xml.bk
$ sudo cp /etc/shibboleth/attribute-policy.xml /etc/shibboleth/attribute-policy.xml.bk
$ sudo cp /etc/shibboleth/shibboleth2.xml /etc/shibboleth/shibboleth2.xml.bk
Then Copy
$ sudo cp attribute-map.xml /etc/shibboleth/.
$ sudo cp attribute-policy.xml /etc/shibboleth/.
$ sudo cp shibboleth2.xml /etc/shibboleth/.
$ sudo mkdir /var/www/html/secure
$ sudo cp attr.php /var/www/html/secure/.
$ sudo mkdir /var/www/html/js
$ sudo cp embedded-wayf_config.js /var/www/html/js/.