Shibboleth 2 IDP安装(windows xp)

一、环境准备
1、安装Java1.5以上
2、安装tomcat6
3、安装ANT1.7.1

二、步骤
1、运行IDP_HOME\ant.bat(运行前，请先修改resources\WEB-INF\web.xml),将<param-value>file://$IDP_HOME$/conf/internal.xml; file://$IDP_HOME$/conf/service.xml;</param-value>改为<param-value>file:///$IDP_HOME$/conf/internal.xml; file:///$IDP_HOME$/conf/service.xml;</param-value>，否则启动tomcat时会报错(IOException parsing XML document from URL )
2、将IDP中的endorsed目录复制到tomcat主目录
3、在环境变量中加入JAVA_OPTS=-Xmx512m -XX:MaxPermSize=256m
4、将shib-jce-1.0.jar复制到JAVA_HOME/jre/lib/ext
5、修改JAVA_HOME\jre\lib\security\java.security文件，将security.provider.#=edu.internet2.middleware.shibboleth.DelegateToApplicationProvider 加入security.provider最后一行(#是顺序的数字)，示例：

security.provider.8=sun.security.smartcardio.SunPCSC
security.provider.9=sun.security.mscapi.SunMSCAPI
security.provider.10=edu.internet2.middleware.shibboleth.DelegateToApplicationProvider 

 

6、修改TOMCAT_HOME\conf\server.xml，将下列定义加入

<Connector protocol="org.apache.coyote.http11.Http11Protocol"
       port="8443"
           maxHttpHeaderSize="8192"
           maxSpareThreads="75"
           scheme="https"
           secure="true"
           clientAuth="want"
           SSLEnabled="true"
           sslProtocol="TLS"
           keystoreFile="IDP_HOME/credentials/idp.jks"
           keystorePass="PASSWORD"
           truststoreFile="IDP_HOME/credentials/idp.jks"
           truststorePass="PASSWORD"
           truststoreAlgorithm="DelegateToApplication"/>

如果是tomcat5.5就删除protocol="org.apache.coyote.http11.Http11Protocol"，将IDP_HOME改为IDP的目录，PASSWORD是安装IDP时keystore的密码

7、将idp.war复制到TOMCAT_HOME\webapps下

三、测试
1、在浏览器中输入http://localhost:8080/idp/profile/Status 看到OK表示成功