You are viewing an old version of this page. View the current version.

Compare with Current View Page History

« Previous Version 6 Next »

  1. Configure the system to use Apache 2.2.x, according to other pages on this wiki.
  2. Download the source code tarball and build script from either Aether or the /mit/webauth/shibboleth/source webauth Athena locker.
    1. Download from Aether: 
      cd /home/www/tmp
scp root@aether.mit.edu:/opt/software-repository-tmp/Touchstone/shibboleth-sp-1.3.1-sources.tgz \
   /home/www/tmp
    2. Download for the webauth Athena locker: 
      cd /home/www/tmp
scp athena.dialup.mit.edu:/mit/webauth/shibboleth/source/shibboleth-sp-1.3.1-sources.tgz /home/www/tmp
  3. Make certain that the correct version of apxs from httpd-devel packages are installed. 
    yum install httpd-devel-2.2.3-11.el5_1.3.x86_64
  4. Create a Shibboleth build directory, unpack the tarball into it, and run the build script. 
    mkdir /home/www/tmp/shibboleth-build-directory
cd /home/www/tmp/shibboleth-build-directory
tar -xzvf /home/www/tmp/shibboleth-sp-1.3.1-sources.tgz
./build-sp.sh -p /home/www/shibboleth
chown -R www:www /home/www
  5. Configure Shibboleth, as described in Configuring+and+customizing+the+Shibboleth+SP.
    • Download to the config files from Aether of the webauth Athena locker and run the gen-shib.sh script: 
      cd /home/www/shibboleth/etc/shibboleth
scp root@aether:/opt/software-repository-tmp/Touchstone/config-SP/* \
   /home/www/shibboleth/etc/shibboleth
chmod u+x /home/www/shibboleth/etc/shibboleth/gen-shib.sh
./gen-shib.sh
    • Edit the file /home/www/apache/conf/httpd.  After the line "Include conf/extra/httpd-ssl.conf", insert the following: 
      # Touchstone/Shibboleth
Include /home/www/shibboleth/etc/shibboleth/apache22.config
  6. Add the init script to /etc/init.d, and set to run on appropriate runlevels. 
    cd /home/www/shibboleth/etc/shibboleth
cp /home/www/shibboleth/etc/shibboleth/shibd-redhat /etc/init.d/shibd
chmod u+x,a-w /etc/init.d/shibd
cd /etc/init.d
ln -s /etc/init.d/shibd /etc/rc.d/rc3.d/S45shibd
ln -s /etc/init.d/shibd /etc/rc.d/rc4.d/S45shibd
ln -s /etc/init.d/shibd /etc/rc.d/rc5.d/S45shibd
ln -s /etc/init.d/shibd /etc/rc.d/rc3.d/K45shibd
ln -s /etc/init.d/shibd /etc/rc.d/rc4.d/K45shibd
ln -s /etc/init.d/shibd /etc/rc.d/rc5.d/K45shibd
/etc/init.d/shibd start
  7. At a convenient time, bounce Apache and related web services. 
    /etc/init.d/web stop
/etc/init.d/web start
  • No labels