Versions Compared

Old Version 46

changes.mady.by.user trscavo@internet2.edu

Saved on

compared with

New Version Current

changes.mady.by.user trscavo@internet2.edu

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

Download and install the following scripts projects from GitHub:

  1. The bash-library repository project
  2. The shib-idp-probe repository project

The following subsections outline the installation process.

Install Bash Library

Download First download the bash-library source , change directory to the source directory, and code. For example, assuming you have git installed, you can clone the repository as follows:

Code Block
languagebash
$ git clone https://github.internet2.edu/InCommon/bash-library.git

Now install the source into /tmp

...

like this:

Code Block
languagebash
$ export BIN_DIR=/tmp/bin
$ export LIB_DIR=/tmp/lib
$ ./bash-library/install.sh $BIN_DIR $LIB_DIR

or install the source into your home directory:

Code Block
languagebash
$ export BIN_DIR=$HOME/bin
$ export LIB_DIR=$HOME/lib
$ ./bash-library/install.sh $BIN_DIR $LIB_DIR

...

Code Block
languagebash
$ ls -1 $BIN_DIR
cget.sh

$ ls -1 $LIB_DIR 
command_paths.sh
compatible_date.sh
compatible_mktemp.sh
config_tools.sh
extractentity_endpoints_entitytxt.xsl
httpentity_identifiers_tools.txt.xsl
entity_idp_names_txt.xsl
extract_entity.xsl
http_tools.sh
md_tools.sh
saml_tools.sh

Install Shibboleth IdP Probe

Download Next download the shib-idp-probe source , change directory to the source directory, and install the source code:

Code Block
languagebash
$ git clone https://github.internet2.edu/InCommon/shib-idp-probe.git

Install the source on top of the previous installation:

Code Block
languagebash
$ ./shib-idp-probe/install.sh $BIN_DIR $LIB_DIR

The Altogether the following additional files will be installed:

Code Block
languagebash
$ ls -1 $BIN_DIR
cget.sh
list_local_shib_idps.sh
probe_shib_idps.sh
summarize_global_shib_idps.sh
 
$ ls -1 $LIB_DIR 
command_paths.sh
compatible_date.sh
compatible_mktemp.sh
config_tools.sh
extractentity_IdPendpoints_entityIDstxt.xsl
extractentity_IdP_namesidentifiers_txt.xsl
entity_idp_names_txt.xsl
entityIDs_IdP_list_txt.xsl
extract_InCommonentity.xsl
extract_IdP_entityIDs.xsl
extract_entity_IdP_names.xsl
extract_InCommon_IdP_entityIDs.xsl
http_tools.sh
md_tools.sh
saml_tools.sh

...

Code Block
languagebash
titleProbe all Shibboleth IdPs in eduGAIN metadata
# Directory for metadata:
$ MD_DIR=/tmp/md; mkdir $MD_DIR
 
# Fetch the production eduGAIN metadata aggregate:
$ MD_LOCATION=http://mds.edugain.org/feed-sha256.xml
$ MD_PATH=$MD_DIR/eduGAIN-metadata.xml
$ /usr/bin/curl --silent --dump-header /dev/tty $MD_LOCATION > $MD_PATH
HTTP/1.1 200 OK
Date: Mon, 02 Jan 2017 16:57:33 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.1e-fips PHP/5.4.16
Last-Modified: Mon, 02 Jan 2017 16:45:01 GMT
ETag: "1ac9c20-5451f45daeb38"
Accept-Ranges: bytes
Content-Length: 28089376
Content-Type: application/samlmetadata+xml

# How many IdPs in eduGAIN metadata?
$ /bin/cat $MD_PATH \
  | /usr/bin/xsltproc $LIB_DIR/extract_IdP_entityIDs.xsl - \
  | wc -l
    2262
    
# custom config parameters
$ export SAML2_SP_ENTITY_ID=https://sp24-test.garr.it/shibboleth
$ export SAML2_SP_ACS_URL=https://sp24-test.garr.it/Shibboleth.sso/SAML2/POST
$ export SAML2_SP_ACS_BINDING=urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST

# Directory for output
$ OUT_DIR=/tmp/out/all_edugain_idps; mkdir -p $OUT_DIR

# Probe every IdP in the metadata file
$ /bin/cat $MD_PATH \
  | /usr/bin/xsltproc $LIB_DIR/extract_IdP_entityIDs.xsl - \
  | $BIN_DIR/probe_shib_idps.sh -f $MD_PATH -d $OUT_DIR -t 10 -m 15 -r 7

# To learn more about this script, read the online help file
$ $BIN_DIR/probe_shib_idps.sh -h

...