Here is a quick how-to on installing the Shibboleth Identity Provider software on Ubuntu 16.04. I uploaded a video to YouTube that roughly accompanies this guide. You’ll obviously need to replace hostnames accordingly.
This guide makes the following assumptions:
- You are running a 64 bit version of Ubuntu 16.04
- Tomcat, Java, are NOT installed
- You have a working DNS resolver
Install and update Ubuntu VM – This doesn’t need documenting.
Install Java and Tomcat
sudo apt-get install tomcat8 tomcat8-admin
Add the following to your
You may need to log off and on again for these variables to take effect or issue a:
$CATALINA_HOME/conf/tomcat-users.xml and add the following between the
<tomcat-users> tags to enable access to the Tomcat manager web site:
<role rolename="manager-gui"/> <user username="admin" password="secret" roles="manager-gui"/>
Modify the Tomcat memory restriction from 128m to 1500m in
sudo service tomcat8 restart
Open a web browser and check http://shib-idp.lan:8080/manager to check that Tomcat is running properly
Download and extract the latest Shibboleth Identity Provider software from: https://shibboleth.net/downloads/identity-provider/latest/
Open a terminal and change directory to the extracted archive. eg.
To install the IdP software issue:
sudo -E bin/install.sh
You will be prompted for the installation source, Installation folder, Hostname. Entity ID, Attribute Scope and some passwords. Use the defaults for all of these except the passwords of course.
Change the owner of the installation to tomcat8:
sudo chown -R tomcat8 /opt/shibboleth-idp
/opt/shibboleth-idp/conf/access-control.xml and add your network and number of bits in CIDR notation. eg.
To deploy Shibboleth IdP on Tomcat, open a text editor and create
$CATALINA_HOME/conf/Catalina/localhost/idp.xml and give it the following contents:
<Context docBase="/opt/shibboleth-idp/war/idp.war" privileged="true" antiResourceLocking="false" swallowOutput="true"/>
Start the IdP in Tomcat App Manager
Check the status of the IdP by issuing:
sudo curl -O https://build.shibboleth.net/nexus/service/local/repositories/thirdparty/content/javax/servlet/jstl/1.2/jstl-1.2.jar
sudo chown tomcat8 jstl-1.2.jar
sudo -E bin/build.sh
Choose the default installation directory.
In your web browser, open: