Installing SP2.x under Linux: Difference between revisions
No edit summary |
(Seems to work, if still a little brief) |
||
| Line 1: | Line 1: | ||
Currently assumes SLES 10. See also [https://spaces.internet2.edu/display/SHIB2/NativeSPLinuxInstall NativeSPLinuxInstall] in the Internet2 Shib Wiki. | Currently assumes SLES 10 using UCS -supplied RPMs. See also [https://spaces.internet2.edu/display/SHIB2/NativeSPLinuxInstall NativeSPLinuxInstall] in the Internet2 Shib Wiki. | ||
Currently also assuming prefork apache installed (may or may not work with worker). | |||
Acquire (**TODO: from where?) and install RPMs for | Acquire (**TODO: from where?) and install RPMs for | ||
| Line 13: | Line 15: | ||
In /etc/shibboleth: | In /etc/shibboleth: | ||
* replace the supplied shibboleth2.xml and attribute-map.xml with [[Shibbileth2.xml - internal use skeleton]] and [[Attribute-map.xml - internal use skeleton]] respectively | * replace the supplied shibboleth2.xml and attribute-map.xml with [[Shibbileth2.xml - internal use skeleton]] and [[Attribute-map.xml - internal use skeleton]] respectively (copies also installed as *-UCAMSKEL) | ||
* find all occurrences of 'FIX-ME' in the new shibboleth2.xml and replace them as directed in the adjacent comments. | * find all occurrences of 'FIX-ME' in the new shibboleth2.xml and replace them as directed in the adjacent comments. | ||
* Create a copy of [['Ucam Federation' IdP metadata]] | * Create a copy of [['Ucam Federation' IdP metadata]] | ||
* TODO: need download locations for these | * TODO: need download locations for these | ||
Run | Run (as root) | ||
shibd -t | /usr/sbin/shibd -t | ||
expect to see "overall configuration is loadable, check console for non-fatal problems". Fix mistakes. otherwise. | expect to see "overall configuration is loadable, check console for non-fatal problems". Fix mistakes. otherwise. | ||
Start shibd (as root) with | |||
/etc/init.d/shibd start | |||
[Note: "Starting shibd listener failed to enter listen loop" means that you were not root]. See /var/log/shibboleth/shibd.log for startup messages. | |||
(re-)start Apache. In case of failure see /var/log/apache2/error_log | |||
Access http://<hostname>/secure/. You should be redirected to Raven to authenticate, be asked to accept release of your information to your site, and then see a 404 error page from your server (because you have no content in the requested location). See /var/log/apache2/error_log, /var/log/shibboleth/shibd.log and /var/log/shibboleth/transaction.log for clues if something goes wrong. | |||
Revision as of 15:56, 9 March 2009
Currently assumes SLES 10 using UCS -supplied RPMs. See also NativeSPLinuxInstall in the Internet2 Shib Wiki.
Currently also assuming prefork apache installed (may or may not work with worker).
Acquire (**TODO: from where?) and install RPMs for
log4shib xerces-c xml-security-c xmltooling opensaml shibboleth
and any of their dependencies.
In /etc/shibboleth:
- replace the supplied shibboleth2.xml and attribute-map.xml with Shibbileth2.xml - internal use skeleton and Attribute-map.xml - internal use skeleton respectively (copies also installed as *-UCAMSKEL)
- find all occurrences of 'FIX-ME' in the new shibboleth2.xml and replace them as directed in the adjacent comments.
- Create a copy of 'Ucam Federation' IdP metadata
- TODO: need download locations for these
Run (as root)
/usr/sbin/shibd -t
expect to see "overall configuration is loadable, check console for non-fatal problems". Fix mistakes. otherwise.
Start shibd (as root) with
/etc/init.d/shibd start
[Note: "Starting shibd listener failed to enter listen loop" means that you were not root]. See /var/log/shibboleth/shibd.log for startup messages.
(re-)start Apache. In case of failure see /var/log/apache2/error_log
Access http://<hostname>/secure/. You should be redirected to Raven to authenticate, be asked to accept release of your information to your site, and then see a 404 error page from your server (because you have no content in the requested location). See /var/log/apache2/error_log, /var/log/shibboleth/shibd.log and /var/log/shibboleth/transaction.log for clues if something goes wrong.
