shibboleth 12 target installation

Fri, Jun 25, 2004

These instructions are for the Shibboleth 1.2 target install on Suse Linux 8.2

You can get Shibboleth 1.2 and openSAML by clicking here

The first thing you have to do is get a load of support libraries that are needed by openSAML. At the time of writing, these are documented in the doc/README.txt of the openSAML distribution and are:

  • gcc/g++ GNU compiler 3.x I got this from ftp.suse.com. It also required libstdc++-devel-3.3-23.i586.rpm
  • OpenSSL 0.9.60.9.7 - this was already installed but comes as an rpm from Suse
  • libcurl 7.10.3
  • Xerces-C 2.2
  • log4cpp 0.3.4b
  • Xalan - you don’t really need this but xml-security would quite like to use it
  • xml-security 0.2.0

the rpms are easy : rpm -Uhv

libcurl Nice and easy: ./configure make make install

log4cpp ./configure make make install this doesn’t seem to install anything so do: cp src/.libs/liblog* /usr/lib

Xerces-C export XERCESCROOT=/usr/local/src/shibboleth/xerces-c-src_2_5_0 cd $XERCESCROOT/src/xercesc ./autoconf ./runConfigure -plinux -cgcc -xg++ -minmem -nsocket -tnative -rpthread gmake the libs are $XERCESROOT/lib copy libxerces-c.so.25.0 to /usr/lib and recreate the symlinks the headers have to be installed for xml-security to find them: cp -r $XERCESROOT/include/xerces /usr/include

Xalan-C (for xml-security) http://ftp.plig.org/pub/apache/dist/xml/xalan-c/ export XALANCROOT=/usr/local/src/shibboleth/xml-xalan/c $XALANCROOT/runConfigure -plinux -cgcc -xg++ -minmem -rpthread make cp $XALANCROOT/lib/* /usr/lib

xml-security export XSECCROOT=/usr/local/src/shibboleth/xml-security-c-1.1.0 export XERCESROOT=/usr/local/src/shibboleth/xerces-c-src_2_5_0 export XALANCROOT=/usr/local/src/shibboleth/xml-xalan/c cd $XSECCROOT/src ./configure make cd $XSECCROOT/lib cp libxml* /usr/lib cp -r $XSECCROOT/include/xsec /usr/lib

openSAML before you go build it you’ll have to do: cd /usr/lib ln -s libcurl.so.2.0.2 libcurl.so or the openSAML build will fail.When you’ve done that, do: ./configure –prefix=/usr/local/shibboleth –with-xmlsec=/usr -C make make install

shibboleth ./configure –prefix=/usr/local/shibboleth
–with-saml=/usr/local/shibboleth
–with-log4cpp=/usr/local/shibboleth
–enable-apache-20
–with-apxs2=/usr/local/apache/bin/apxs -C make make install to test it, you can do: export LD_LIBRARY_PATH=/usr/local/shibboleth/lib /usr/local/shibboleth/bin/shibtest -h test-handle
-f urn:mace:shibboleth:test:nameIdentifier -q urn:mace:inqueue:example.edu

If you get an openSAML error about versions, then you’ve got an old version of openSAML. Those nice people at internet2 have put a version check into the shibboleth build which will save you a lot of hassle :)

Once you’ve built everything, you can configure Apache 2 by copy/paste the contents of /usr/local/shibboleth/etc/shibboleth/apache2.config to httpd.conf

The target and origin configurations are more complex so I’ll detail them in another blog entry

comments powered by Disqus