Version 10 (modified by lttoth@…, 11 years ago) (diff) |
---|
Server Installation of Shibboleth Identity Provider (IdP): Clean Install
Although all Linux servers managed by UA OIT, Technical Services are RHEL, most of the instructions below are appropriate VMWare CentOS 6 and for Virtual Box CentOS 6. I have noted differences in installation for Virtual Box CentOS 6 where appropriate.
Installation Pre-requisites
The following topics address applications that must be installed appropriately before the Shibboleth IdP installation.
Install Web Server
Although other web servers can manage Shibboleth, at UA the server is implemented via Tomcat. As of 8 January 2014, Shibboleth IdP is restricted to Tomcat versions no higher than Tomcat 6. RHEL Tomcat is not an option due to the necessary location and configuration choices. The following link provides instructions for Tomcat 6 download/install as
Tomcat 6 Download
Tomcat 6 Documentation
Instructions specific to Shibboleth IdP versions 7 and higher can be found at:
Preparing Apache Tomcat for the Shibboleth Identity Provider
Install Compatible JDK - Open JDK
RHEL Java installations are not compatible with Shibboleth IdP. Tomcat must also be configured to use Open JDK rather than RHEL. The following instructions guide users through determining which Open JDK java versions are appropriate for your server and then making the installation.
Determine the OpenJDK Version
RHEL Response
[root@anaconda]# yum makecache && yum search openjdk ... =============================== N/S Matched: openjdk =============================== java-1.6.0-openjdk.x86_64 : OpenJDK Runtime Environment java-1.6.0-openjdk-demo.x86_64 : OpenJDK Demos java-1.6.0-openjdk-devel.x86_64 : OpenJDK Development Environment java-1.6.0-openjdk-javadoc.x86_64 : OpenJDK API Documentation java-1.6.0-openjdk-plugin.x86_64 : OpenJDK Web Browser Plugin java-1.6.0-openjdk-src.x86_64 : OpenJDK Source Bundle java-1.7.0-openjdk.x86_64 : OpenJDK Runtime Environment java-1.7.0-openjdk-demo.x86_64 : OpenJDK Demos java-1.7.0-openjdk-devel.x86_64 : OpenJDK Development Environment java-1.7.0-openjdk-javadoc.noarch : OpenJDK API Documentation java-1.7.0-openjdk-src.x86_64 : OpenJDK Source Bundle icedtea-web.x86_64 : Additional Java components for OpenJDK
Virtual Box CentOS 6
[root@localhost ~]# yum makecache && yum search openjdk ... =============================== N/S Matched: openjdk =============================== java-1.6.0-openjdk.i686 : OpenJDK Runtime Environment java-1.6.0-openjdk-demo.i686 : OpenJDK Demos java-1.6.0-openjdk-devel.i686 : OpenJDK Development Environment java-1.6.0-openjdk-javadoc.i686 : OpenJDK API Documentation java-1.6.0-openjdk-src.i686 : OpenJDK Source Bundle java-1.7.0-openjdk.i686 : OpenJDK Runtime Environment java-1.7.0-openjdk-demo.i686 : OpenJDK Demos java-1.7.0-openjdk-devel.i686 : OpenJDK Development Environment java-1.7.0-openjdk-javadoc.noarch : OpenJDK API Documentation java-1.7.0-openjdk-src.i686 : OpenJDK Source Bundle icedtea-web.i686 : Additional Java components for OpenJDK - Java browser plug-in and : Web Start implementation
Install Selected OpenJDK Version
The following command installs the desired java version of OpenJDK. The version will vary based on the results of the command above.
[root@localhost ~]# su -c "yum install java-1.7.0-openjdk"
Install ntpd
First determine if ntpd is installed on the server. If it is not, install it.
[root@localhost ~]# service ntpd status
If ntpd is not installed, a message is returned specifying the service request is unknown. The following command installs ntpd via yum.
[root@localhost ~]# yum install ntp ntpdate ntp-doc
Once installed status can always be checked by:
[root@localhost ~]# service ntpd status ntpd is stopped
The following commands control ntpd:
- service ntpd start
- service ntpd stop
- chkconfig ntpd on
The first two are self-explanatory. The last sets ntpd to set the correct time at boot.
Install Shibboleth Identity Provider
InCommon? provides excellent documentation on its wiki site. The following provide links to both the IdP and SP (Service Provider) installation and configuration guides: