-7/31/03
-Version 1.1
+7/15/05
+Version 1.3
Binary distributions of the Shibboleth code are available.
Information on obtaining and installing binaries can be found at
-http://shibboleth.internet2.edu/ and in the deploy guide in this
-directory.
+http://shibboleth.internet2.edu/
This document provides details for those wishing to build from source.
-C++ / TARGET
+C++ Service Provider
Your first step is going to be the OpenSAML INSTALL.txt file. Please read it
thoroughly to understand the issues. All the requirements in that file
ideally, let our configure script use your Apache's apxs script to extract
the necessary information.
-Once Apache is in place, you'll also need to build the libapreq library.
-Adjust the include path as needed.
+Also, at a minimum, Apache needs to be built with mod_so enabled for
+dynamically loading modules. If you encounter problems with crashing
+or apparent module conflicts, make sure you've built Apache and any
+modules with threading support and ideally as much dynamically as
+possible.
-http://www.apache.org/dist/httpd/libapreq/libapreq-1.1.tar.gz
-
-$ tar xvzf libapreq-1.1.tar.gz
-$ cd libapreq-1.1
-$ ./configure --prefix=/opt/shibboleth --enable-static=no \
- --with-apache-includes=/usr/local/apache/include
-$ make
-$ make install
+Apache 1.x does not directly support threads, but you can set the
+CFLAGS variable before running configure to include the proper gcc
+thread flag (usually -pthread or -pthreads, depends on your platform).
--- MySQL (optional)
-The distribution now includes a session cache plugin using embedded MySQL.
+The distribution now includes a cache plugin using embedded MySQL.
This plugin will be included in the build by default if the embedded MySQL
library (libmysqld.a) can be found, or if the --with-mysql option is passed
to configure. You can force exclude the plugin with the --disable-mysql option.
Many default installs of MySQL will not include the embedded library, so don't
be surprised if it's not there. Also, just as with PHP and certain other packages
that include C++, you'll need to build it with the same compiler used to build
-Shibboleth unless g++ 3.2 or higher was used.
+Shibboleth.
-The MySQL 4.0.x build is currently not clean on either platform. There are errors
-in several Makefile.in files that have to corrected to get the build to work.
+The MySQL 4.x build is currently not clean. There are errors in several
+Makefile.in files that have to corrected to get the build to work.
The patch for the pre-configure Makefile.in files in version 4.0.12 is included
in this directory as the file "mysql-4.0.12.diff", which can be applied from the
-mysql-4.0.12 directory.
+mysql-4.0.12 directory. Similar changes may be needed in other versions.
After patching, to get it to build, the --with-embedded-server option is used
-with MySQL. An example build is below:
+with MySQL. An example build with gcc/g++ is below:
-$ cd mysql-4.0.12
+$ cd mysql-4.1.12
$ env CFLAGS="-fPIC -DPIC" CXXFLAGS="-fPIC -DPIC"
$ ./configure --prefix=/opt/mysql \
- --libexecdir='${exec_prefix}/sbin' \
+ --libexecdir='${exec_prefix}/sbin' --disable-static \
--enable-thread-safe-client --enable-assembler --enable-local-infile \
--with-extra-charsets=complex --with-embedded-server \
--with-berkeley-db --with-innodb --with-raid
--- Shibboleth
-Building the Shibboleth target libraries, shar, test programs, and Apache
+Building the Shibboleth libraries, shibd, test programs, and Apache
modules is more or less like building OpenSAML. You can get the code from
CVS and run the bootstrap script if you want, or just use a source tarball.
+
With the source distribution or the results of your bootstrap:
-$ ./configure --prefix=/opt/shibboleth --with-xmlsec=/opt/shibboleth --with-apxs -C
+$ ./configure --prefix=/opt/shibboleth-sp --with-log4cpp=/opt/shibboleth-sp \
+ --enable-apache-13 --with-apxs --enable-apache-20 --with-apxs2 -C
$ make
$ make install
-This will build the Apache modules by extracting build settings from apxs.
-The configure script will look in normal spots for the script
-(/usr/bin/apxs, /usr/local/apache/bin/apxs) but you can point it if you need to.
+This will build the Apache 1.x and 2.x modules by extracting build settings
+from apxs. The configure script will look in normal spots for the script
+(/usr/bin/apxs, /usr/local/apache/bin/apxs) but you can point to it so that
+both modules can be built at once.
If you want to build the modules but not use apxs, you can use the
--without-apxs option, and provide flags using the APXS_PREFIX, APXS_CFLAGS,
APXS_INCLUDE, APXS_LIBEXEC, and APXS_SYSCONFDIR variables (see the apxs docs
for some guidance on what these should be).
-To test your installation, you can try this:
+To test your installation, you can try the shibtest utility, which actually
+loads your configuration and attempts to obtain attributes from a Shibboleth
+Attribute Authority of your choosing. You indicate to it the identifier of
+the principal to query, and the identifier (providerId) of the origin site,
+and it will use your configuration files to locate the proper AA.
-$ set LD_LIBRARY_PATH=/opt/shibboleth/lib; export LD_LIBRARY_PATH
-$ cd /opt/shibboleth
-$ bin/shibtest -d etc/shibboleth/ -h foo -q urn:mace:inqueue:example.edu \
- -r http://www.foo.edu/ -a http://wayf.internet2.edu/InQueue/AA
+$ set LD_LIBRARY_PATH=/opt/shibboleth-sp/lib; export LD_LIBRARY_PATH
+$ /opt/shibboleth/bin/shibtest -h test-handle \
+ -f urn:mace:shibboleth:test:nameIdentifier \
+ -q urn:mace:inqueue:example.edu
+The example shown uses a built-in test principal, and uses the InQueue
+example origin, which is known to the SP after initial installation.
You should get some reasonably structured output back that lists some simple
attributes. An error here is a pretty good sign there's trouble.
projects / shibboleth / sp.git / blobdiff