...

  • Download the current Tomcat 6.0 binary distribution (tested with 6.0.20, available in /mit/touchstone/downloads/apache-tomcat-6.0.20.tar.gz), and install it under /usr/local:
    # cd /usr/local
    # tar xzf /path/to/apache-tomcat-6.0.20.tar.gz
    # rm -f tomcat
    # ln -s apache-tomcat-6.0.20 tomcat
    
  • Create the tomcat user, and change the ownership of the tomcat tree:
    # groupadd -g 52 tomcat
    # useradd -u 52 -g tomcat -c "Tomcat User" -d /usr/local/tomcat tomcat
    # chown -R tomcat:tomcat /usr/local/apache-tomcat-6.0.20
    
  • Install the tomcat init script in /etc/init.d/, and make sure tomcat is started at boot time:
    # chkconfig --add tomcat
    

Install Shibboleth IdP

To install from Internet2's binary distribution (zip file), create a build directory, unzip the file, add our login handler jar file to the lib/ subdirectory, untar the mitlogin tarball at the top of the build tree, and run the install script. Enter /usr/local/shibboleth-idp as the install target. Take the default for the hostname prompt, and enter anything for the keystore password prompt; we will override both of these in our configuration. For example (replace 2.1.5 with the appropriate version number):

    # mkdir -p $HOME/build
    # cd $HOME/build
    # rm -rf shibboleth-identityprovider-2.1.5
    # unzip /path/to/shibboleth-identityprovider-2.1.5-bin.zip
    # cd shibboleth-identityprovider-2.1.5
    # cp /path/to/shibboleth-idp-ext-MultiAuthnOptionLoginHandler-1.0-SNAPSHOT.jar lib/
    # tar xzf /path/to/mitlogin.tgz
    # ./install.sh
    Buildfile: src/installer/resources/build.xml
    
    install:
    !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
    Be sure you have read the installation/upgrade instructions on the Shibboleth website before proceeding.
    !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
    Where should the Shibboleth Identity Provider software be installed? [/opt/shibboleth-idp]
    /usr/local/shibboleth-idp
    What is the fully qualified hostname of the Shibboleth Identity Provider server? [idp.example.org]
    
    A keystore is about to be generated for you. Please enter a password that will be used to protect it.
    PASSWORD
    ...
    
This will create and populate /usr/local/shibboleth-idp; the web application (war) file will be in /usr/local/shibboleth-idp/war/idp.war. This file should be copied into Tomcat's webapps directory.

The idp application, running under Tomcat, needs full access to the install directory, so make sure it is owned by the tomcat user, e.g.:

    # chown -R tomcat:tomcat /usr/local/shibboleth-idp
  • Extract our distribution tar file into the /usr/local/shibboleth-idp directory:
    # mkdir -p /usr/local/shibboleth-idp
    # chown tomcat:tomcat /usr/local/shibboleth-idp
    # cd /usr/local/shibboleth-idp
    # tar xzf /path/to/usr_local_shibboleth-idp.tgz
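
A post-install check for the layout described above, as an added example that is not part of the original page: it confirms that the /usr/local/tomcat link resolves to a directory and that an install tree is owned by the tomcat user with no world-writable entries. The function names and the --run switch are assumptions made for this example.

```sh
#!/bin/sh
# Added example (not from the original page): post-install checks for the
# Tomcat / Shibboleth IdP layout. Function names and --run are hypothetical.

# check_link LINK: succeed only if LINK is a symlink resolving to a directory.
check_link() {
    [ -L "$1" ] && [ -d "$1" ]
}

# list_foreign DIR USER GROUP: print entries under DIR not owned by USER:GROUP.
list_foreign() {
    find "$1" \( ! -user "$2" -o ! -group "$3" \) -print
}

# list_world_writable DIR: print entries any local account could modify.
# Symlinks are skipped: their own mode bits are not what controls access.
list_world_writable() {
    find "$1" ! -type l -perm -0002 -print
}

# audit_tree DIR USER GROUP: print findings; return 0 if clean, 1 otherwise.
audit_tree() {
    rc=0
    foreign=$(list_foreign "$1" "$2" "$3")
    writable=$(list_world_writable "$1")
    if [ -n "$foreign" ]; then
        echo "$1: not owned by $2:$3:"; echo "$foreign"; rc=1
    fi
    if [ -n "$writable" ]; then
        echo "$1: world-writable:"; echo "$writable"; rc=1
    fi
    return "$rc"
}

# Check the paths used on this page only when invoked with --run.
if [ "${1:-}" = "--run" ]; then
    check_link /usr/local/tomcat ||
        echo "/usr/local/tomcat is not a symlink to a directory"
    audit_tree /usr/local/apache-tomcat-6.0.20 tomcat tomcat
    audit_tree /usr/local/shibboleth-idp tomcat tomcat
fi
```

Run it as root after the chown steps so that find can read the whole tree; a non-zero return from audit_tree means at least one entry needs attention.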
    

...