Versions Compared

Old Version 47

changes.mady.by.user Xavier Haurie

Saved on

compared with

New Version 48

changes.mady.by.user Xavier Haurie

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

In summary, the directories containing configuration files which need to be modified are:

/opt/shrine/tomcat/** ← Tomcat home

/etc/shibboleth ← Shibboleth configuration files

/etc/httpd/** ← Apache configuration files

/var/www/html ← Apache static content as set in, for instance, /etc/httpd/conf/httpd.conf

Configuration files to create from scratch or to import


Location on SPDescription
key pair

/etc/shibboleth/sp-key.pem

/etc/shibboleth/sp-cert.pem

Create a key pair; include the content of the public key certificate (sp-cert.pem) in sp-metadata.xml (see below), and the paths of the key and certificate as xml attributes of the <CredentialResolver> element of shibboleth2.xml (see below)
idp-metadata.xml/etc/shibboleth/idp-metadata.xmlA copy of your IdP's metadata. You'll need to ask the admin(s) of your idP for a copy of it. Rename it to idp-metadata.xml and put it in /etc/shibboleth

Configuration files based on samples in Git

Sample configuration files can be found in the nightly shrine-setup zip file (URL?) specifically at shrine-setup/src/main/resources/sso: (need someone to provide URL)

  • sso/apache/sp.conf-sample
  • sso/apache/sp-metadata.xml-sample
  • sso/shibboleth/attribute-map.xml-sample
  • sso/shibboleth/shibboleth2.xml-sample
  • sso/tomcat/server.xml-sample
  • sso/shrine/shrine.conf-sample
  • sso/shrine/override.conf-sample

Copy these files to the location on the SP (i.e. your server) indicated in the table below. Remove the "-sample" from the file names.

...

Then search for the marker: 'ADJUST_FOR_YOUR_SITE' in each of these files for indications of what / where you need to edit them.

...