Differences

This shows you the differences between two versions of the page.

--- docpublic:systemes:shibboleth:spv2 [2011/11/16 10:13]
PROCACCIA
+++ docpublic:systemes:shibboleth:spv2 [2014/04/28 20:48] (current)
procacci@tem-tsp.eu [yum install]
@@ Line 6: / Line 6: @@
   * https://wiki.shibboleth.net/confluence/display/SHIB2/NativeSPGettingStarted
   * https://federation.renater.fr/docs/installation#installer_un_sp_shibboleth
+  * https://shib.kuleuven.be/docs/sp/2.x/install-sp-2.x-rhel.html
+  * https://wiki.umn.edu/ShibAuth/Shibboleth2Xml
+  * https://wiki.cac.washington.edu/display/infra/Configure+a+Service+Provider+for+Step-up+Two-Factor+Authentication
+  * https://wiki.shibboleth.net/confluence/display/SHIB2/NativeSPApplicationOverride
 ===== Repo opensuse =====
@@ Line 21: / Line 25: @@
 </code>
+<code>
+[root@idp-imt1-bc ~]# cd /etc/yum.repos.d/
+[root@idp-imt1-bc yum.repos.d]# wget http://download.opensuse.org/repositories/security://shibboleth/CentOS_CentOS-6/security:shibboleth.repo
+</code>
 ===== yum install =====
@@ Line 49: / Line 57: @@
 Installed size: 19 M
+</code>
+<code>
+Installed:
+  shibboleth.i686 0:2.5.3-1.1
 </code>
@@ Line 66: / Line 79: @@
 # /etc/init.d/shibd start ; tail -f /var/log/shibboleth/shibd.log
 </code>
+Ainsi que httpd restart / reload pour charger le mod_shib contenu dans /etc/httpd/conf.d/shib.conf
+<code>
+# /etc/init.d/httpd reload
+</code>
 ==== native.log ====
@@ Line 97: / Line 117: @@
 Acces:
-  * http://blog3.it-sudparis.eu/Shibboleth.sso/Status
+  * http://www-pub.it-sudparis.eu/Shibboleth.sso/Status
 les metadata directement:
-  * http://blog3.it-sudparis.eu/Shibboleth.sso/Metadata
+  * http://www-pub.it-sudparis.eu/Shibboleth.sso/Metadata
@@ Line 166: / Line 186: @@
 </code>
+===== Multiples vhost sur un meme SP =====
+==== references ====
+  * https://wiki.cam.ac.uk/raven/Virtual_hosting_issues_with_Shibboleth
+  * https://wiki.cam.ac.uk/raven/SP_Metadata
+  * https://services.renater.fr/federation/docs/fiches/virtualhosting-sp
+générer la paire de clé pour l'application/vhost
+<code>
+[root@colmut shibboleth]# ./keygen.sh -h moodev.tem-tsp.eu -f
+Generating a 2048 bit RSA private key
+......+++
+.....................................................................................+++
+writing new private key to './sp-key.pem'
+-----
+[root@colmut shibboleth]# mv sp-key.pem moodev.tem-tsp.eu-sp-key.pem
+[root@colmut shibboleth]# mv sp-cert.pem moodev.tem-tsp.eu-sp-cert.pem
+[root@colmut shibboleth]# chown shibd moodev.tem-tsp.eu-sp-key.pem moodev.tem-tsp.eu-sp-cert.pem
+</code>
+déclaration de l'application override avec chargement des certificats auto-signés ci-dessus
+<code>
+...
+       <ApplicationOverride id="moodev" entityID="https://moodev.tem-tsp.eu/sp"
+                  REMOTE_USER="eppn persistent-id targeted-id">
+         <CredentialResolver type="File" key="moodev.tem-tsp.eu-sp-key.pem" certificate="moodev.tem-tsp.eu-sp-cert.pem"/>
+        </ApplicationOverride>
+    </ApplicationDefaults>
+</code>

docpublic/systemes/shibboleth/spv2.1321438433.txt.gz · Last modified: 2011/11/16 10:13 (external edit)

Show page Old revisions

[unknown link type]Back to top