-6/1/03
-Version 1.0
+4/15/04
+Version 1.2
Binary distributions of the Shibboleth code are available.
Information on obtaining and installing binaries can be found at
dependencies are the same. Once you reach the end of that build process and
have some confidence it worked, you can come back and continue here.
+--- Apache
+
You'll next need to get an Apache in place. If you're building from source,
you don't have to use the "real" Apache code, or use mod_ssl. You will
however need to provide the necessary build flags during configure, or
ideally, let our configure script use your Apache's apxs script to extract
the necessary information.
-Once Apache is in place, you'll also need to build the libapreq library.
-Adjust the include path as needed.
-
-http://www.apache.org/dist/httpd/libapreq/libapreq-1.1.tar.gz
-
-$ tar xvzf libapreq-1.1.tar.gz
-$ cd libapreq-1.1
-$ ./configure --prefix=/opt/shibboleth --enable-static=no \
- --with-apache-includes=/usr/local/apache/include
-$ make
+Also, at a minimum, Apache needs to be built with mod_so enabled for
+dynamically loading modules. If you encounter problems with crashing
+or apparent module conflicts, make sure you've built Apache and any
+modules with threading support and ideally as much dynamically as
+possible.
+
+--- MySQL (optional)
+
+The distribution now includes a session cache plugin using embedded MySQL.
+This plugin will be included in the build by default if the embedded MySQL
+library (libmysqld.a) can be found, or if the --with-mysql option is passed
+to configure. You can force exclude the plugin with the --disable-mysql option.
+
+Many default installs of MySQL will not include the embedded library, so don't
+be surprised if it's not there. Also, just as with PHP and certain other packages
+that include C++, you'll need to build it with the same compiler used to build
+Shibboleth unless g++ 3.2 or higher was used.
+
+The MySQL 4.0.x build is currently not clean on either platform. There are errors
+in several Makefile.in files that have to corrected to get the build to work.
+The patch for the pre-configure Makefile.in files in version 4.0.12 is included
+in this directory as the file "mysql-4.0.12.diff", which can be applied from the
+mysql-4.0.12 directory.
+
+After patching, to get it to build, the --with-embedded-server option is used
+with MySQL. An example build is below:
+
+$ cd mysql-4.0.12
+$ env CFLAGS="-fPIC -DPIC" CXXFLAGS="-fPIC -DPIC"
+$ ./configure --prefix=/opt/mysql \
+ --libexecdir='${exec_prefix}/sbin' \
+ --enable-thread-safe-client --enable-assembler --enable-local-infile \
+ --with-extra-charsets=complex --with-embedded-server \
+ --with-berkeley-db --with-innodb --with-raid
+$ make all
$ make install
+MySQL has a lot of options, so some local customization may be needed. The
+command to set the compiler flags is critical on Solaris, because the flags
+are needed to get a correct build of the library to link against.
+
+--- Shibboleth
Building the Shibboleth target libraries, shar, test programs, and Apache
modules is more or less like building OpenSAML. You can get the code from
-CVS and run the bootstrap script if you want (remember to get new versions
-of autoconf/autoheader if you're running old pre-1.5 autoconf stuff):
+CVS and run the bootstrap script if you want, or just use a source tarball.
+
+On Solaris, if you're rebuilding into a prefixed location that already
+contains a copy of the software and headers, you'll want to remove
+some of the headers to prevent extra build work when you run the make
+install command. Just do:
-$ cvs -d:pserver:anoncvs@cvs.internet2.edu:/home/cvs/shibboleth login
-$ cvs -d:pserver:anoncvs@cvs.internet2.edu:/home/cvs/shibboleth co -r Rel_1_0 shibboleth
-$ cd shibboleth/c
-$ ./bootstrap
+$ rm -rf /opt/shibboleth/include/rpc
With the source distribution or the results of your bootstrap:
-$ ./configure --prefix=/opt/shibboleth --with-xmlsec=/opt/shibboleth --with-apxs -C
+$ ./configure --prefix=/opt/shibboleth --with-log4cpp=/opt/shibboleth \
+ --enable-apache-13 --with-apxs --enable-apache-20 --with-apxs2 -C
$ make
$ make install
-This will build the Apache modules by extracting build settings from apxs.
-The configure script will look in normal spots for the script
-(/usr/bin/apxs, /usr/local/apache/bin/apxs) but you can point it if you need
-to.
+This will build the Apache 1.x and 2.x modules by extracting build settings
+from apxs. The configure script will look in normal spots for the script
+(/usr/bin/apxs, /usr/local/apache/bin/apxs) but you can point to it so that
+both modules can be built at once.
If you want to build the modules but not use apxs, you can use the
--without-apxs option, and provide flags using the APXS_PREFIX, APXS_CFLAGS,
APXS_INCLUDE, APXS_LIBEXEC, and APXS_SYSCONFDIR variables (see the apxs docs
for some guidance on what these should be).
-To test your installation, you can try this:
+To test your installation, you can try the shibtest utility, which actually
+loads your configuration and attempts to obtain attributes from a Shibboleth
+Attribute Authority of your choosing. You indicate to it the "handle" of the
+principal to query, and the identifier (providerId) of the origin site,
+and it will use your configuration files to locate the proper AA.
$ set LD_LIBRARY_PATH=/opt/shibboleth/lib; export LD_LIBRARY_PATH
-$ cd /opt/shibboleth
-$ bin/shibtest -d etc/shibboleth/ -h foo -q urn:mace:inqueue:example.edu \
- -r http://www.foo.edu/ -a http://wayf.internet2.edu/InQueue/AA
+$ /opt/shibboleth/bin/shibtest -h test-handle \
+ -f urn:mace:shibboleth:test:nameIdentifier \
+ -q urn:mace:inqueue:example.edu
+The example shown uses a built-in test principal, and uses the InQueue
+example origin, which is known to the target after initial installation.
You should get some reasonably structured output back that lists some simple
-attributes. An error here is a pretty good sign there's trouble.
+attributes. amongst the logging. An error here is a pretty good sign there's
+trouble.
projects / shibboleth / sp.git / blobdiff