Skip to content

abokth/SWAMID-IDP-Deployer

BranchesTags
 
 

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

81 Commits
files
files
 
 
prep
prep
 
 
xml
xml
 
 
CHANGELOG
CHANGELOG
 
 
COPYING
COPYING
 
 
README
README
 
 
config
config
 
 
deploy_idp.sh
deploy_idp.sh
 
 
install-cert
install-cert
 
 
request-cert
request-cert
 
 
self-signed-cert
self-signed-cert
 
 

Repository files navigation

Based on https://github.com/abokth/SWAMID-IDP-Deployer
Based on https://github.com/lordal/SWAMID-IDP-Deployer

Disclamer
-------------------------------------------------------------------------------

Intended to be used on a clean install of Ubuntu Server 12.04 (or
newer) or RHEL 6 (or related, or newer). Upgrade mode is only to be
used on a previous deployment of this script.

Introduction
-------------------------------------------------------------------------------

This script will install a IDP for use in SWAMID.
Uses Tomcat6 or Jboss 6.1 final.

Dependencies will be installed with apt/yum or will be fetched from
the web.

Can use LDAP or CAS for authentication.
Depends on an LDAP repository for attribute store.

Attribute release based on the following LDAP schemas:
posixAccount
inetOrgPerson
eduPerson
norEduPerson

If your attributes is stored in diffrent LDAP attributes, modify the file:
/opt/shibboleth-idp/conf/attribute-resolver.xml
(Change: "sourceAttributeID")
For Swedish civic registration numbers see:
https://portal.nordu.net/display/SWAMI/norEduPersonNIN+och+Svenska+Personnummer

Anonymous usage reporting to SWAMID is optional.


Procedure
-------------------------------------------------------------------------------
First generate a certificate request using:

  sudo ./request-cert

The install the certificate once you have it:

 sudo ./install-cert

For a test installation, a self signed certificate can be generated:

 sudo ./self-signed-cert

Then run the installation:

 sudo ./deploy_idp.sh

Upgrading
-------------------------------------------------------------------------------

You cannot change authentication method.
If you use LDAP authentication you will have to redo the login page
customization after an upgrade.


Configuration
-------------------------------------------------------------------------------

Configuration values can be predefined in the file "config", otherwise
questions will be asked.

Attribute release is configured for the following consumers:
testshib.org
antagning.se/studera.nu
And the recommended initial attribute filter policy for swamid.se

About

Shibboleth IDP Deployer for SWAMID members

Resources

Readme

License

GPL-3.0 license
Activity

Stars

0 stars

Watchers

1 watching

Forks

1 fork
Report repository

Releases

No releases published

Packages

No packages published

Languages

  • Shell 100.0%