Install SP 2.5 on Realm Linux 6
NOTE: Our vision3 yum repository has been replaced by vision4. If you are installing on a 64-bit RHEL 6/7 or CentOS 6/7 x86_64 server, you should follow our Install SP 2.5 on RedHat Linux 6/7 instructions.
You should only use vision3 if you are running 32-bit RHEL6 i686 OS.
OIT provides a yum repository of added software for Realm Linux 6 machines. We have already imported the Native Service Provider and all of its dependent packages into this repo. Packages are available for both i686 and x86_64 variants.
Add the vision3 yum repo to your server
Login to your server and become root. Run these commands to install our repo files:
cd /etc/yum.repos.d
wget http://install.linux.ncsu.edu/pub/yum/OIT/vision3/vision3.repo
Download and install the signing certificate used to verify our repo.
rpm --import https://sysnews.ncsu.edu/oit-unixsys.gpg
Now you can verify that the repo is being used by looking for the SP package named "shibboleth".
yum search shibboleth
# returns ...
shibboleth.i686 : Open source system for attribute-based Web SSO
Install the SP software using yum
On your server, still as root, run yum to install the shibboleth package and its dependencies.
yum install shibboleth
It should return a list of packages that will be installed. Your versions and architecture may be different from this example:
Installing:
shibboleth i686 2.5.5-2.1.vision3.el6 vision3 1.3 M
Installing for dependencies:
libcurl-openssl i686 7.43.0-1.1.vision3.el6 vision3 197 k
liblog4shib1 i686 1.0.9-1.1.vision3.el6 vision3 68 k
libsaml8 i686 2.5.5-1.1.vision3.el6 vision3 930 k
libxerces-c-3_1 i686 3.1.2-1.1.vision3.el6 vision3 899 k
libxml-security-c17 i686 1.7.3-1.1.vision3.el6 vision3 285 k
libxmltooling6 i686 1.5.5-1.1.vision3.el6 vision3 675 k
opensaml-schemas i686 2.5.5-1.1.vision3.el6 vision3 30 k
xmltooling-schemas i686 1.5.5-1.1.vision3.el6 vision3 12 k
If your installation looks right, answer "Is this ok" with "y" and let it proceed.
This installs:
- shibd - a new service.
- /etc/shibboleth - default directory for config files for shibd.
- /etc/httpd/conf.d/shib.conf - Apache httpd module config file.
Initial testing
The shibd service can be started for initial testing without performing any configuration. This test will only ensure that the pieces start correctly.
On your server, still as root, restart the shibd and httpd services.
service shibd start
service httpd restart
The default httpd shib module creates a handler URL on your server at the URL path /Shibboleth.sso. You can verify this handler is running by making a Status request from the localhost.
wget -O - http://localhost/Shibboleth.sso/Status
This should return quickly with an XML document on STDOUT. If it does, you are ready to proceed with Configuration.