Versions Compared

Old Version 24

changes.mady.by.user Scott Cantor

Saved on

compared with

New Version Current

changes.mady.by.user Scott Cantor

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

Download the appropriate MSI package for your system from https://shibboleth.net/downloads/identity-provider/latestlatest3/.

Install the appropriate Oracle Java runtime and set the JAVA_HOME environmental variable to point to the installation (My Computer->RightClick->Properties->Advanced System Settings->Environmental Variables->System Variables->New)

...

  • The installation location is where the IdP will be installed (the idp.home directory). When performing an upgrade, you should specify the location used before.
  • If you are not using the bundled Jetty container you will need to configure it to set idp.home to the installation directory (-Didp.home=C:/Program Files (x86)/Shibboleth/IdP) (but make sure that you avoid backlashes in the path you supply, as this will not function properly and is not supported).
  • The DNS name of the IdP should be something well-chosen and stable, and not the physical name of a server that might change.
  • The scope value should be a DNS subdomain, typically your organizational email domain, that will be used to compute the value of "scoped" attributes to make them unique.
  • Check the "Install Jetty" box if you want the installer to install and configure a Java container for you (but you should only do this if you can accept a very vanilla Jetty configuration). This will configure a system service called "shibd_idp" which can be controlled via the usual mechanisms or via the program 
    C:\Program Files(x86)\Shibboleth\procrun\shibd_idpw.exe
  • If you check the "Configure for Active Directory" box, then you will see a second configuration page to provide connection details for Active Directory:

...

Note
titleAlways check!

It has been observed (in

Jira Legacy
serverShibboleth System JIRA
columnskey,summary,type,created,updated,due,assignee,reporter,priority,status,resolution
serverId180d847ff52c7d31-bce46eab-36b23f0e-996493c3-771bff586829231b5754d506
keyIDP-1005
) that sometime the "Maximum memory pool" is not preserved. We have not been able to track this down yet, so always check after an upgrade that the settings have been preserved.

...

  • The 64 bit installer will not run on a 32 bit machine
  • The 32 bit installer will not run on a 64 bit machine.
  • If you configured jetty and installed the 64 bit installation on a machine which has a 32 bit Java installed then the service will not start.  The best fix is to install a 64 bit Java, but you can force the IdP to run with a 32 bit Java by changing the procrun executable

    C:\>sc config shibd_idp binPath= "\"C:\Program Files (x86)\Shibboleth\ProcRun\shibd_idp.exe\" service shibd_idp"

Java Installed from a .tar.gz file (tarball)

...


Non JRE Installations

Note

If you are installing a Java 11 JDK this applies to you

The component that the installation uses to run jetty only understand JRE layouts and may not be able to locate you copy of Java.  This will prevent Jetty (and hence the IdP) from starting)

To fix this:

  1. run shibd_idpw
  2. Go to the "java tab"
  3. Unclick "Use Default"
  4. Under "Java Virtual Machine" browse to %JAVA_HOME%\jre\bin\server\jvm.dll (for instance: C:\Program Files\java\jdk1.8.0_25\jre\bin\server\jvm.dll)the JVM

Image Added

Troubleshooting the Jetty installation

...