How to install and set up Shibboleth IdP on Linux


This tutorial will set up the following environment.

 

Install Java Runtime Environment (JRE).

~]# yum install jre

 

Add JAVA_HOME to your ~/.bash_profile file.

export JAVA_HOME=/usr/lib/jvm/jre

 

Install Shibboleth IdP (Identity Provider).

cd /tmp
wget https://shibboleth.net/downloads/identity-provider/<version>/shibboleth-identity-provider-<version>.tar.gz
tar -zxf shibboleth-identity-provider-<version>.tar.gz
cd shibboleth-identity-provider-<version>/bin/
./install.sh

 

There will be a series of prompts. Here are possible answers to the prompts. Ensure your DNS server can resolve the FQDN to the IP address of the Shibboleth server.

  • Install location = /opt/shibboleth-idp
  • FQDN = idp.your.domain
  • Password = myPassword

 

Copy the idp.war file to the Tomcat webapps folder. If you do not have a Tomcat server set up, install Tomcat.

~]# cp /opt/shibboleth-idp/war/idp.war /opt/tomcat/webapps/

 

Assuming Tomcat is configured to use port 8443, navigate to https://www.example.com:8443/idp/profile/Status, and ok should be displayed.

 

For more status information, add the IP address of your domain to the AllowedIPs parameter in the WEB-INF/web.xml file inside the idp war. Addresses are listed as space-separated CIDR blocks.

<init-param>
    <param-name>AllowedIPs</param-name>
    <param-value>127.0.0.1/32 ::1/128 192.168.0.0/24</param-value>
</init-param>
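
An added example (not part of the original tutorial or of the Shibboleth code base): a Python check that reads the AllowedIPs value from a web.xml fragment, reports whether a given client address would be permitted, and flags over-broad entries. It assumes entries are whitespace-separated CIDR blocks matched by containment; the sample XML and the 1024-address threshold are constructed for illustration.

```python
import ipaddress
import xml.etree.ElementTree as ET

# Constructed sample: a web.xml fragment carrying the AllowedIPs value shown above.
SAMPLE_WEB_XML = """<web-app>
  <servlet>
    <init-param>
      <param-name>AllowedIPs</param-name>
      <param-value>127.0.0.1/32 ::1/128 192.168.0.0/24</param-value>
    </init-param>
  </servlet>
</web-app>"""

def _local(tag): return tag.rsplit("}", 1)[-1]  # strip XML namespace, if any

def allowed_networks(web_xml_text):
    """Return the networks listed in every AllowedIPs init-param."""
    nets = []
    for elem in ET.fromstring(web_xml_text).iter():
        if _local(elem.tag) != "init-param":
            continue
        fields = {_local(c.tag): (c.text or "").strip() for c in elem}
        if fields.get("param-name") == "AllowedIPs":
            nets += [ipaddress.ip_network(t, strict=False)
                     for t in fields.get("param-value", "").split()]
    return nets

def is_allowed(client_ip, nets):
    """True if client_ip falls inside a listed network of the same IP version."""
    ip = ipaddress.ip_address(client_ip)
    return any(ip.version == n.version and ip in n for n in nets)

def audit(nets, max_hosts=1024):
    """Flag entries that open the status page wider than intended."""
    findings = []
    for n in nets:
        if n.prefixlen == 0:  # checked first: 0.0.0.0/0 and ::/0 match everything
            findings.append(f"{n}: matches every address")
        elif not (n.is_private or n.is_loopback):
            findings.append(f"{n}: public range")
        elif n.num_addresses > max_hosts:  # max_hosts is an assumed threshold
            findings.append(f"{n}: more than {max_hosts} addresses")
    return findings

if __name__ == "__main__":
    nets = allowed_networks(SAMPLE_WEB_XML)
    print({ip: is_allowed(ip, nets) for ip in ("127.0.0.1", "192.168.1.10")}, audit(nets))
```

To check a deployed configuration, pass the text of the web.xml extracted from idp.war to `allowed_networks` instead of the sample.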

 

You should also be able to navigate to https://www.example.com:8443/idp/shibboleth, and the IdP metadata should be displayed. The metadata displayed in the browser should be exactly the same as the metadata in your /opt/shibboleth-idp/metadata/idp-metadata.xml file.

 

 

 


