...
- Apache must be installed and your website have an SSL certificate installed and SSL enabled. To request a SSL certificate: https://it.cornell.edu/ssl/renew-or-request-ssl-certificate.
- Shibboleth doesn't support http access. If http access is supported on your site, define a redirect rule in Apache configuration that route http traffic to https.
- Make sure your server time is accurate.
- Your server has user shibd available.
Installation
Expand | ||
---|---|---|
| ||
If you are on a CIT Managed Server, please check this document: https://sysdocs.cit.cornell.edu/Documentation/LinuxShibbolethRepository Otherwise, Install using RPM: https://wiki.shibboleth.net/confluence/display/SP3/RPMInstall
|
...
Expand | |||||
---|---|---|---|---|---|
| |||||
Navigate to https://yoursiteDomain/Shibboleth.sso/Metadata and download it.Open your downloaded file with text editor. Some browser doesn't show metadata correctly in the browser. DO NOT copy the content in the browser. Make sure the entityID is the same as your defined in shibboleth2.xml. If there are multiple sites in Apache require Shibboleth authentication, you can get SP's metadata by navigating to one of the site, then you need to manually add assertion consumer service url for all each of the other sites in your SP's metadata.
|
...