Installing Shibboleth
We are currently evaluating Shibboleth, a SAML 2.0 standards-based Single Sign On (SSO) suite for our web applications. The installation is fairly gritty. This post started out as notes for myself; however, it rapidly became apparent that these notes would be useful to others. I also noticed that this installation was taking multiple days, and that it would be too long for a single post. I will be doing a series of posts on how to do this setup.
A little background on this project. Last March when we implemented the Ingeniux CMS, we implemented a component that would allow users to authenticate with our website. This authentication could then be shared via a REST-based web service that the CMS provided. This SSO was great until we began to implement it with many systems and ran into the problems of maintaining multiple pieces of custom code in multiple programming languages (PeopleCode, ColdFusion, and PHP) that would do this authentication on multiple platforms.
I noticed that one platform we are currently piloting, Moodle, natively supports this thing called Shibboleth that does effectively the same thing. Then I noticed that many of our other systems (PeopleSoft and our new wireless routers) and future systems (Elgg, Moodle, and Google Apps Enterprise) support this as well.
Our server stats for setting up Shibboleth are:
- Linux – CentOS
- Tomcat 5.5.28
- Apache 2.2.x
- OpenSSL
- Shibboleth 2.x
- Active Directory, on Windows 2003 Server
My following posts will be broken down into the following sections:
- Installing and Configuring Tomcat 5.5
- Installing and Configuring Apache with a Self Signed SSL Certificate
- Installing and Configuring Shibboleth
I found a lot of the instructions on this to be slightly off. I’m not sure if it’s a combination of the versions of the software that I am using, but I figure these notes will be useful to someone else down the line (or at least myself when we build our production box).