Within this document the macro IDP_SRC will be used to refer to the location of the expanded IdP distribution directory. The macro IDP_HOME will be used to refer to the IdP installation directory (as given during the installation process). The macro JETTY_HOME will be used to refer to the location of the Jetty installation directory.
start.ini (all ### is the amount of memory in megabytes to allow for the option):
-XX:+UseG1GC - this enables a garbage collector that reduces the memory requirements needed for larger metadata files
The Jetty distribution ships with a number of example applications located in the JETTY_HOME/webapps directory and deployment descriptors located in JETTY_HOME/contexts. You should remove all of these unless you are specifically using them.
Most new deployments without legacy needs will not need to support back-channel SOAP communication. The most common case requiring this feature is support for legacy Shibboleth SPs using SAML 1.1 that perform attribute queries using SOAP.
If you do need this support, these connections require special security properties which are not appropriate for user-facing/browser use. Therefore an additional endpoint must be configured.
Create the file JETTY_HOME/etc/jetty-shibboleth.xml and place the following content in it:
<Configure id="Server" class="org.eclipse.jetty.server.Server">
  <Call name="addConnector">
    <Arg>
      <New class="org.eclipse.jetty.server.ssl.SslSelectChannelConnector">
        <Arg>
          <New class="net.shibboleth.utilities.jetty7.DelegateToApplicationSslContextFactory">
            <Set name="keyStore">IDP_HOME/credentials/idp.jks</Set>
            <Set name="keyStorePassword">PASSWORD</Set>
          </New>
        </Arg>
        <Set name="port">8443</Set>
        <Set name="maxIdleTime">30000</Set>
      </New>
    </Arg>
  </Call>
</Configure>
Replace IDP_HOME with the IdP home directory entered during installation.
Replace PASSWORD with the password for the IdP key entered during installation.
Add etc/jetty-shibboleth.xml to your Jetty start.ini file (toward the bottom of the file you should see other configuration files listed).

In order to deploy the IdP, Jetty must be informed of the location of the IdP war. This can be done by:
Create the file JETTY_HOME/contexts/idp.xml and place the following content in it (replacing IDP_HOME with your IdP's home directory):
<Configure class="org.eclipse.jetty.webapp.WebAppContext">
  <Set name="war">IDP_HOME/war/idp.war</Set>
  <Set name="contextPath">/idp</Set>
  <Set name="extractWAR">false</Set>
  <Set name="copyWebDir">false</Set>
  <Set name="copyWebInf">true</Set>
</Configure>
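
The steps above can be checked after the fact. The following script is an added example, not part of the original page or of the Shibboleth or Jetty distributions: it reports leftover example deployments, unreplaced IDP_HOME/PASSWORD placeholders, and a jetty-shibboleth.xml that is missing from start.ini. The function name audit_jetty, the AUDIT_FINDINGS variable and the file-permission check are assumptions introduced here.

```shell
#!/bin/sh
# Added example, not part of the original page: audit a Jetty install against
# the deployment steps above. Usage: audit_jetty JETTY_HOME
# Prints one line per finding, sets AUDIT_FINDINGS, returns non-zero if any.
audit_jetty() {
    jh=$1
    AUDIT_FINDINGS=0
    report() { printf 'FINDING: %s\n' "$1"; AUDIT_FINDINGS=$((AUDIT_FINDINGS + 1)); }

    # Leftover example applications and deployment descriptors.
    for f in "$jh"/webapps/* "$jh"/contexts/*; do
        [ -e "$f" ] || continue                       # glob matched nothing
        [ "$f" = "$jh/contexts/idp.xml" ] && continue # the IdP's own descriptor
        report "remove unless specifically in use: $f"
    done

    # The IdP context descriptor must exist with IDP_HOME substituted.
    ctx=$jh/contexts/idp.xml
    if [ ! -f "$ctx" ]; then
        report "missing $ctx"
    elif grep -q '>IDP_HOME/' "$ctx"; then
        report "IDP_HOME placeholder not replaced in $ctx"
    fi

    # Back-channel connector (only present when SOAP support is needed).
    soap=$jh/etc/jetty-shibboleth.xml
    if [ -f "$soap" ]; then
        if ! grep -q '^[[:space:]]*etc/jetty-shibboleth\.xml' "$jh/start.ini" 2>/dev/null; then
            report "etc/jetty-shibboleth.xml is not listed in start.ini"
        fi
        if grep -Eq '>(IDP_HOME/|PASSWORD<)' "$soap"; then
            report "IDP_HOME or PASSWORD placeholder not replaced in $soap"
        fi
        # Assumption beyond the page: the file holds the keystore password in
        # clear text, so other local users should not be able to read it.
        if [ -n "$(find "$soap" -perm -004)" ]; then
            report "$soap is world-readable"
        fi
    fi

    [ "$AUDIT_FINDINGS" -eq 0 ]
}

# Run directly when a JETTY_HOME argument is given.
[ $# -eq 0 ] || audit_jetty "$1"
```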