FreeKB - How to install and setup shibboleth IdP on Linux
How to install and setup shibboleth IdP on Linux

Home > Search > How-to

This tutorial will set up the following environment.


Install Java Runtime Environment (JRE).

~]# yum install jre


Add JAVA_HOME to your ~/.bash_profile file.

export JAVA_HOME=/usr/lib/jvm/jre


Install Shibboleth IdP (Identity Provider).

cd /tmp
tar -zxf shibboleth-identity-provider-<version>.tar.gz
cd shibboleth-identity-provider-<version>/bin/


There will be a series of prompts. Here are possible answers to the prompts. Ensure your DNS server can resolve the FQDN to the IP address of the Shibboleth server.

  • Install location = /opt/shibboleth-idp
  • FQDN = idp.your.domain
  • Password = myPassword


Copy the idp.war file to the Tomcat webapps folder. If you do not have a Tomcat server set up, install Tomcat and start Tomcat.

Note that the idp.war may take a long time to start up (5 minutes or so). This seems to be due to some issue with Shibboleth and LDAP.

~]# cp /opt/shibboleth-idp/war/idp.war /opt/tomcat/webapps/


Assuming Tomcat is configured to use port 8443, navigate to, and ok should be displayed.


For more status information, add the IP address of your domain to the WEB-INF/web.xml file in the idp war.

    <param-value> ::1/128</param-value>


You should also be able to navigate to, and the IdP metadata should be displayed. The metadata displayed in the browser should be exactly the same as the metadata in your /opt/shibboleth-idp/metadata/idp-metadata.xml file.




Add a Comment

We will never share your name or email with anyone. Enter your email if you would like to be notified when we respond to your comment.

Please enter in the box below so that we can be sure you are a human.