Within this document the macro IDP_SRC will be used to refer to the location of the expanded IdP distribution directory. The macro IDP_HOME will be used to refer to the IdP installation directory (as given during the installation process). The macro JETTY_HOME will be used to refer to the location of the Jetty installation directory.
start.ini (all ### is the amount of memory in megabytes to allow for the option):
-XX:+UseG1GC - this enables a garbage collector that reduces the memory requirements needed for larger metadata files
The Jetty distribution ships with a number of example applications located in the JETTY_HOME/webapps directory and deployment descriptors located in JETTY_HOME/contexts. You should remove all of these unless you are specifically using them.
Most new deployments without legacy needs will not need to support back-channel SOAP communication. The most common case requiring this feature is support for legacy Shibboleth SPs using SAML 1.1 that perform attribute queries using SOAP.
If you do need this support, these connections require special security properties which are not appropriate for user-facing/browser use. Therefore an additional endpoint must be configured.
Create the file JETTY_HOME/etc/jetty-shibboleth.xml and place the following content in it:
<Configure id="Server" class="org.eclipse.jetty.server.Server">
  <Call name="addConnector">
    <Arg>
      <New class="org.eclipse.jetty.server.ssl.SslSelectChannelConnector">
        <Arg>
          <New class="net.shibboleth.utilities.jetty7.DelegateToApplicationSslContextFactory">
            <Set name="keyStore">IDP_HOME/credentials/idp.jks</Set>
            <Set name="keyStorePassword">PASSWORD</Set>
          </New>
        </Arg>
        <Set name="port">8443</Set>
        <Set name="maxIdleTime">30000</Set>
      </New>
    </Arg>
  </Call>
</Configure>
Replace IDP_HOME with the IdP home directory entered during installation.
Replace PASSWORD with the password for the IdP key entered during installation.
Add etc/jetty-shibboleth.xml to your Jetty start.ini file (toward the bottom of the file you should see other configuration files listed).

In order to deploy the IdP, Jetty must be informed of the location of the IdP war. This can be done by:
Create the file JETTY_HOME/contexts/idp.xml and place the following content in it (replacing IDP_HOME with your IdP's home directory):
<Configure class="org.eclipse.jetty.webapp.WebAppContext">
  <Set name="war">IDP_HOME/war/idp.war</Set>
  <Set name="contextPath">/idp</Set>
  <Set name="extractWAR">false</Set>
  <Set name="copyWebDir">false</Set>
  <Set name="copyWebInf">true</Set>
</Configure>
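
A post-install check for the steps above, added here as an example and not part of the original page or of the Shibboleth or Jetty distributions. It reports leftover example applications and descriptors, a jetty-shibboleth.xml that start.ini does not list, and IDP_HOME or PASSWORD placeholders left unreplaced. The function names and the sample layout are constructed, and the check assumes contexts/idp.xml is the only descriptor the deployment needs.

```python
import re
import tempfile
from pathlib import Path

# Matches element text still holding the page's placeholders (IDP_HOME/..., PASSWORD).
PLACEHOLDER = re.compile(r">\s*(IDP_HOME\b[^<]*|PASSWORD)\s*<")


def audit_jetty(jetty_home):
    """Return findings for the steps on this page; an empty list means clean."""
    home, findings = Path(jetty_home), []
    # 1. Example apps and descriptors that ship with Jetty should have been removed.
    #    Assumption: contexts/idp.xml is the only descriptor this deployment needs.
    for sub, allowed in (("webapps", set()), ("contexts", {"idp.xml"})):
        if (home / sub).is_dir():
            for entry in sorted((home / sub).iterdir()):
                if entry.name not in allowed:
                    findings.append(f"review {sub}/{entry.name}")
    # 2. If the back-channel connector file exists, start.ini should list it
    #    on an uncommented line.
    shib, ini = home / "etc" / "jetty-shibboleth.xml", home / "start.ini"
    if shib.is_file():
        lines = ini.read_text().splitlines() if ini.is_file() else []
        if "etc/jetty-shibboleth.xml" not in [ln.strip() for ln in lines]:
            findings.append("etc/jetty-shibboleth.xml missing from start.ini")
    # 3. IDP_HOME and PASSWORD must be replaced with real values.
    for cfg in (shib, home / "contexts" / "idp.xml"):
        if cfg.is_file():
            for m in PLACEHOLDER.finditer(cfg.read_text()):
                findings.append(f"placeholder {m.group(1)} in {cfg.name}")
    return findings


def build_sample(root):
    """Write a constructed JETTY_HOME that still has every problem checked above."""
    root = Path(root)
    for sub in ("webapps", "contexts", "etc"):
        (root / sub).mkdir(parents=True)
    (root / "webapps" / "test.war").write_bytes(b"")  # constructed leftover
    (root / "contexts" / "idp.xml").write_text(
        '<Set name="war">IDP_HOME/war/idp.war</Set>\n')
    (root / "etc" / "jetty-shibboleth.xml").write_text(
        '<Set name="keyStorePassword">PASSWORD</Set>\n')
    (root / "start.ini").write_text("etc/jetty.xml\n#etc/jetty-shibboleth.xml\n")
    return root


if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as tmp:
        for finding in audit_jetty(build_sample(tmp)):
            print(finding)
```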