SAML Integration

Previous Next

This tutorial is part of the SAML Series.

Back to SAML

Category: Advanced

Difficulty: 5 out of 5

Duration: 60 minutes

1. Overview 2. Shibboleth Guides 3. Install Shibboleth - Example A 4. Install Shibboleth - Example B 5. Configure Shibboleth 6. Review SP attribute-filter.xml file 7. Attribute Based Authorisation 8. Configure Apache 9. Start services and check logs 10. Configure the application 11. Links 12. Next Steps

Find a mistake? Let us know the issue here.

Install Shibboleth - Example A


A Simple PHP Server installed on Linux

The following is a sequence of steps to protect a service (in this instance, a simple PHP script) by deploying a Shibboleth SP with Apache running on Linux.

For supported Linux distributions, the Shibboleth Consortium provides a web service which generates the appropriate package management configuration file. Read about this service.

Copy the configuration into a file in the repository directory, on CentOS/RedHat for example, the file can be labelled /etc/yum.repos.d/shibboleth.repo

1. Install Shibboleth

Install Shibboleth, Apache and the SSL libraries for the architecture of the OS: x86_64 or i386, to ensure the installation of the appropriate versions of mod_shib.so and other pluggable modules. This demonstration will use Shibboleth SP 3.1.x, Apache 2.4 and the current SSL libraries, and PHP to demonstrate the protection of a simple application and passing user attributes to the application.

$> yum install httpd.x86_64 mod_ssl.x86_64 shibboleth.x86_64 PHP.x86_64 -y

An outline for installing the Shibboleth SP on other web platforms is available in the Shibboleth Wiki.

At this point in the deployment process, determine which federation the application will join: TEST or PRODUCTION. This choice influences which metadata distribution service to connect and which Federation Manager (FM) will process the SP Registration.

Up Next:

4. Install Shibboleth - Example B