Shibboleth 2 IDP安装(windows xp)
一、环境准备
1、安装Java1.5以上
2、安装tomcat6
3、安装ANT1.7.1
二、步骤
1、运行IDP_HOME\ant.bat(运行前,请先修改resources\WEB-INF\web.xml),将<param-value>file://$IDP_HOME$/conf/internal.xml; file://$IDP_HOME$/conf/service.xml;</param-value>改为<param-value>file:///$IDP_HOME$/conf/internal.xml; file:///$IDP_HOME$/conf/service.xml;</param-value>,否则启动tomcat时会报错(IOException parsing XML document from URL )
2、将IDP中的endorsed目录复制到tomcat主目录
3、在环境变量中加入JAVA_OPTS=-Xmx512m -XX:MaxPermSize=256m
4、将shib-jce-1.0.jar复制到JAVA_HOME/jre/lib/ext
5、修改JAVA_HOME\jre\lib\security\java.security文件,将security.provider.#=edu.internet2.middleware.shibboleth.DelegateToApplicationProvider 加入security.provider最后一行(#是顺序的数字),示例:
security.provider.8=sun.security.smartcardio.SunPCSC security.provider.9=sun.security.mscapi.SunMSCAPI security.provider.10=edu.internet2.middleware.shibboleth.DelegateToApplicationProvider
6、修改TOMCAT_HOME\conf\server.xml,将下列定义加入
<Connector protocol="org.apache.coyote.http11.Http11Protocol"
port="8443"
maxHttpHeaderSize="8192"
maxSpareThreads="75"
scheme="https"
secure="true"
clientAuth="want"
SSLEnabled="true"
sslProtocol="TLS"
keystoreFile="IDP_HOME/credentials/idp.jks"
keystorePass="PASSWORD"
truststoreFile="IDP_HOME/credentials/idp.jks"
truststorePass="PASSWORD"
truststoreAlgorithm="DelegateToApplication"/>
如果是tomcat5.5就删除protocol="org.apache.coyote.http11.Http11Protocol",将IDP_HOME改为IDP的目录,PASSWORD是安装IDP时keystore的密码
7、将idp.war复制到TOMCAT_HOME\webapps下
三、测试
1、在浏览器中输入http://localhost:8080/idp/profile/Status 看到OK表示成功