...
- Edit Apache configuration:
Shibboleth includes sample Apache configuration files in
etc/shibbolethfor each version of Apache. On newer OS X versions, one method is to copy the appropriate file to/private/etc/apache2/other/shib.confand make whatever adjustments you like. Alternatively, you can add anIncludetohttpd.confitself, but this isn't advisable because that file will be overwritten on subsequent installs/upgrades. Use it as a sample to add the necessary commands to your own configuration.- Ensure that the
ServerNamedirective is properly set, and that Apache is being started with SSL enabled. - The Use of theĀ
<RequestMap>feature is not recommended for use with Apache, but its use requires that theĀUseCanonicalNamedirective should be set toOnfor secure operation.
- Restart Apache.
The port install process generates and installs a launchd descriptor to use in starting and monitoring
shibd. You can manually start and stop it yourself, or you can use launchctl like so:Code Block none none launchctl load -F /Library/LaunchDaemons/org.macports.shibd.plist launchctl unload -F /Library/LaunchDaemons/org.macports.shibd.plist
If you want shibd to start upon boot, run:
Code Block none none launchctl load -Fw /Library/LaunchDaemons/org.macports.shibd.plist
Note If you get this error:
httpd: Syntax error on line 484 of /etc/apache2/httpd.conf: Syntax error on line 2 of /private/etc/apache2/other/shibboleth.conf: Syntax error on line 13 of /opt/local/etc/shibboleth/apache22.config: Cannot load /opt/local/lib/shibboleth/mod_shib_22.so into server: dlopen(/opt/local/lib/shibboleth/mod_shib_22.so, 10): no suitable image found. Did find:\n\t/opt/local/lib/shibboleth/mod_shib_22.so: mach-o, but wrong architecture
Then refer to the NativeSPMacApache32 topic for information on Apple's questionable Apache choice.
By default, the Shibboleth module is configured to log information on behalf of Apache to
/opt/local/var/log/httpdshibboleth-www/native.logshibdcreates its own separate logs in/opt/local/var/log/shibboleth
...