IdPQuickInstall
What It Does
The aim of the Quick Installer is to install a Shibboleth 2.x Identity Provider (IdP) and all the ancillary software it relies upon into a Windows machine which is part of an Active Directory Domain. It then configures all these packages to work in conjunction with the more common Active Directory configurations. The motivation is to short-circuit the error-prone but formulaic first stages of development and get the installation to a stage where testing and personalization can start.
It is always easier to change the configuration of something that works than it is to start with something which doesn't work at all. The aim of the installer is to expedite the process by installing a working IdP which can be the basis of a production IdP.
Using the Installer
Installation can be thought of as a five stage process:
- Download and install a 32bit Java runtime from the Java download site. This should be at least version 6.
- Set up the
JAVA_HOME
environmental variable to point to the jre environment:
set JAVA_HOME=C:\Program Files (x86)\Java\jre6
- Download the installer msi for the latest version of the Identity Provider.
- Read this document, which explains the parameters you will be prompted for.
- Install the msi file (running as the administrator).
- Test the install.
- Finish configuring the installation.
Under the hood.
Briefly, the IdP Quick Installer does the following:
- Checks to see that Java has been installed.
- Checks that there is no existing Tomcat Installation.
- Prompts the user for some configuration details.
- Installs and configures an Apache Tomcat Web Server.
- Installs the Shibboleth IdP software.
- Configures the IdP to authenticate against the Active Directory Domain.
- Configures the IdP to extract a small number of attributes from the Active Directory Domain.
The details are described on this page .
Updating the Java VM - Beta installer versions only.
If you installed java prior to running the installer then the Java VM is updated automatically and you do not need to follow this section
Earlier test versions of the installer (probably 2.1.5 beta-3 and earlier) installed a private version of Java. This will not be updated automatically. To switch to a version which is automatically update you need to be logged in as administrator and then:
- Download and install a 32 bit java VM.
- Start "Manage captive tomcat"
c:\program files\internet2\CaptiveTomcat 6.0\bin\tomcatw.exe
. - Select the Java tab.
- Click the "Use default" tick box.
- Exit the tool
- Edit
C:\Program Files (x86)\Java\jre6\lib\security\java.security
and, below the line
security.provider.9=sun.security.mscapi.SunMSCAPI
add the line
security.provider.10=edu.internet2.middleware.shibboleth.DelegateToApplicationProvider
- Copy
C:\Program Files\Internet2\CaptiveJava6\lib\ext\shib-jce-1.0.jar
toC:\Program Files\Java\jre6\lib\ext
- Restart Tomcat
- Test your IdP.
From then on you will be using a standard java installation which will update automatically. The contexts of C:\Program Files\Internet2\CaptiveJava6
can be deleted.