Installs a Shibboleth service provider and registers it with Testshib.org's IdP. Also installs Apache and configures it to require users to authenticate with Shibboleth.
-
The landrush Vagrant plugin is required to provide a DNS name for the VM. Install it with
vagrant plugin install landrush. -
You should set the hostname in
Vagrantfileto something unique. This will be used to construct the SP's SAMLentityID. If you want to use something other than*.vagrant.test, you will also need to configure landrush's TLD. -
To bring up the VM, run
vagrant up. This will install the SP and configure it with ashibboleth2.xmlfile downloaded from Testshib. -
Prepare the SP's metadata. The default metadata generated by the SP can be obtained by running
curl -k "https://$(hostname)/Shibboleth.sso/Metadata"from the VM. There is a shortcut script for this at/vagrant/scripts/default-metadata.sh. -
Once the metadata is ready, upload it either through Testshib's website or by running
/vagrant/scripts/upload-metadata.sh /path/to/metadata.xml. Testshib indexes metadata by filename, so to make changes to your metadata later you will need to upload it with the same filename (See http://www.testshib.org/register.html for more information). Theupload-metadata.shscript caches the name of the metadata file you upload and warns you if you attempt to use a different file name later. -
After uploading metadata, restart
shibdand Apache.systemctl restart shibd && systemctl restart httpd. -
Open https://hostname in a browser, where hostname is what you set in step 2. You should be redirected to Testshib to authenticate.