Versions Compared

Old Version 29

changes.mady.by.user Carl Woolf

Saved on

compared with

New Version 30

changes.mady.by.user Xavier Haurie

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.


...

Installation Layout

Apache and Tomcat or your application server should be running on the same host.

Quick Shibboleth Instructions for Adjusting Configuration 

...

There are five configuration files that need to go on the host that is running shibd (Shibboleth SP). Tomcat for Shrine should be running on that same hostThey will be installed with Shibboleth SP, and they need to be overlayed/modified to reflect your installation.

FilenameLocation on SPNotes
idp-metadata.xml

/etc/shibboleth/idp-metadata.xml

A copy of your site's IdP metadata
sp-metadata.xml

/var/www/html/sp-metadata.xml 

– if your Apache sets DocumentRoot to /var/www 

To be shared dynamically with your site's Shibboleth IdP.

Or omit from the SP, and instead email it to IdP admins

attribute-map.xml /etc/shibboleth/attribute-map.xml Specifies the user-information that your IdP sends to Sp upon login
sp.conf/etc/httpd/conf.d/sp.conf

Tells Apache to require Shibboleth login for Shrine Urls (/shrine-api/*) .

Tomcat should open port 8080 only to localhost, and should reside on the same host as your SP

shibboleth2.xml/etc/shibboleth/shibboleth2.xmlSpecifies miscellaneous aspects of your SP

...

More-Detailed Discussion of Shibboleth Considerations

...

Apache Configuration

/etc/httpd/conf.d/sp.conf

...