Giter Club home page Giter Club logo

idem-tutorials's Introduction

idem-tutorials

These GitHub Repository contains step-by-step tutorials on Identity and Service Providers provided by the IDEM Federation Operator and the IDEM Community.

Table of Contents

IDEM Federation Operators HOWTOs

Linux Debian Distributions

HOWTO Install and Configure an Identity Provider

  1. HOWTO Install and Configure a Shibboleth IdP v5.x on Debian-Ubuntu Linux with Apache + Jetty
  2. HOWTO Install and Configure a Shibboleth IdP v4.x on Debian-Ubuntu Linux with Apache2 + Jetty9 (End-Of-Life at 01/09/2024)
  3. HOWTO Install and Configure a SimpleSAMLphp IdP v2.x on Debian-Ubuntu Linux with Composer

HOWTO Install and Configure a Service Provider

  1. HOWTO Install and Configure a Shibboleth SP v3.x on Debian-Ubuntu Linux

Linux RedHat Distributions

HOWTO Install and Configure an Identity Provider

  1. HOWTO Install and Configure a Shibboleth IdP v4.x on Rocky Linux 8 with Apache2 + Jetty9 (End-Of-Life at 01/09/2024)
  2. HOWTO Install and Configure a Shibboleth IdP v4.x on CentOS with Apache2 + Jetty9 - (End-Of-Life at 30/06/2024)

HOWTO Install and Configure a Service Provider

  1. HOWTO Install and Configure a Shibboleth SP v3.x on CentOS 7 (x86_64)

Miscellaneous

PrivacyIDEA

Shibboleth

SimpleSAMLphp

OpenLDAP

HOWTOs DEPRECATED

  1. HOWTO Install and Configure a SimpleSAMLphp SP v1.x on Debian Linux 9 (Stretch)
  2. HOWTO Install and Configure a SimpleSAMLphp IdP v1.x on Debian Linux with Composer
  3. HOWTO Install and Configure a SimpleSAMLphp IDP v1.x on Debian Linux 10 (Buster)
  4. HOWTO Install and Configure a Shibboleth IdP v3.4.3 on Ubuntu Linux LTS 18.04 with Apache2 + Jetty9
  5. HOWTO Install and Configure a Shibboleth IdP v3.3.2 on Ubuntu Linux LTS 16.04 with Apache2 + Jetty9
  6. HOWTO Install and Configure a Shibboleth IdP v3.2.1 on Ubuntu Linux LTS 16.04 with Apache2 + Jetty9
  7. HOWTO Install and Configure a Shibboleth IdP v3.2.1 on Ubuntu Linux LTS 16.04 with Apache2 + Tomcat8
  8. HOWTO Install and Configure a Shibboleth SP v2.x on Debian Linux 9 (Stretch)
  9. HOWTO Install and Configure a Shibboleth SP v2.6.1(from source) on Debian Linux 9 (Stretch)
  10. HOWTO Install and Configure a Shibboleth IdP v3.4.x on Debian-Ubuntu Linux with Apache2 + Jetty9 (End Of Life Dec 2020)
  11. HOWTO Install and Configure a Shibboleth IdP v3.4.x on CentOS 7 with Apache2 + Jetty9 (End of Life Dec 2020)
  12. HOWTO Install and Configure a Shibboleth IdP v3.2.1 on Linux Fedora 24 Server Edition with Apache2 + Jetty9
  13. HOWTO Install and Configure a Shibboleth IdP v3.2.1 on Linux Fedora 24 Server Edition with Apache2 + Tomcat8
  14. HOWTO Configure a Shibboleth IdP v3.2.1 to authenticate users existing on different LDAP Servers
  15. HOWTO Install and Configure OpenLDAP for federated access on CentOS

IDEM Community Users HOWTOs

Shibboleth

Ansible Playbook

idem-tutorials's People

Contributors

cappe87 avatar daserzw avatar francesco-filicetti avatar geoffroya avatar hardikaurea avatar im-not-alex avatar malavolti avatar mario-spitze avatar peppelinux avatar yveralt avatar zioproto avatar

Stargazers

 avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar

Watchers

 avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar

idem-tutorials's Issues

Shibboleth SP v3 extracts duplicate attribute value

Dears,

I dont know if anyone encountered this problem before as I am having difficulty solving it.
Debian with Spv3 on apache and tomecat backend is extracting two duplicate attribute values for SchacHoneOrganization and Eppn. Any idea why this is happening two duplicate values instead of one value? Sur name and displayName are working fine.
Also note that IDP is sending one value for each as I have checked it using the aacli script.

Thank you

Commenti di Scott Cantor sulle guide IDEM - errori e miglioramenti

Errori e miglioramenti notati da Scott Cantor. Processiamoli uno alla volta aprendo una issue per ognuno.

[email protected] Scott Cantor added a comment - 5 days ago

I'll try and cover all the problems here as best I can. I'm not just closing out the bug because I still think it's a bug (though not ours), but this is really more of a "how not to configure the IdP" set of issues.

1. You're using a database for a bunch of things you absolute do NOT want to use one for and don't need to be. I doubt you're even using SAML artifact support, are you? if you don't have a back channel, you can't be. So that doesn't matter much. But you most definitely do NOT want to use a database for sessions. You should use client side sessions unless you can provide a strong argument as to why you shouldn't. We provide the software defaulting to that for a reason.

2. You have the computed ID strategy property there uncommented, so your identifiers must be, for the most, all coming from the original salted hash approach and just being stored in the database that way. You can look at the stored ID table and check, and if they're all long and base64 or base32-encoded, and not just simple UUIDs, then you don't need a database for them at all. Dump the stored ID approach and leave it configured to produce them with the computed approach alone. Major problem solved there.

3. You're sharing the same DataSource bean across two different subsystems when you could easily separate them into two, and have the StoredID support (which you don't need most likely, see #2) separate from the StorageService support. That solves the "nothing works when consent fails" problem. Isolation is good.

4. I still have to assume the problem here is your driver and/or the settings. We don't really provide support for that layer but offhand I don't see anything obvious. Without much more logging, there's really nothing I can say about the driver (other than make sure it's the absolute newest one you can get).

I do think you created the storage service database with the wrong schema, perhaps. The context and key columns have to be be case sensitively handling the primary key constraint, which should make the new records non-conflicting with the originals that had the mixed case. If that's not possible in the database you're using, it can't be used, but I assume it just wasn't created correctly. It could also be a Hibernate limitation, I don't know anything about it, but I'll ask the author. It seems like it must be finding the old records on a case-insensitive search, so that might be the root of it.

After the fact, getting the records updated to fix the mixed case would seem like the obvious fix to me. You can't make it work any other way if it's going to keep failing to create those new records, even if the connections didn't become unstable when it failed.

Apache di jetty non parte

Ho eseguito passo passo la guida:

HOWTO Install and Configure a Shibboleth IdP v3.4.x on CentOS 7 with Apache2 + Jetty9

Arrivato al punto 11 della sezione "Install Jetty 9 Web Server" denominato "Check if the Apache Welcome page is available:" non ho rilevato alcun servizio apache in esecuzione.

NOTA: Il link per il download di jetty andrebbe modificato in :

Wrong Apache Instructions in README

The following line refers to a Debian/Ubuntu install of Apache (apache2). While the rest of the instructions are for Centos Apache (httpd):

"Modify the file /etc/apache2/sites-available/default-ssl.conf as follows:"

This line et. al. should be changed to "/etc/httpd/sites-available" with mkdir and adding "IncludeOptional sites-enabled/*.conf" to "/etc/httpd/conf/httpd.conf" as the provided instructions will not work.

Error: Unable to find a match: java-11-amazon-corretto-devel

Hello,

I'm trying to install Shibboleth Idp4.X on CentOS 8. I saw this error when came to the step below:

[root@XXShibboleth ~]# yum install -y java-11-amazon-corretto-devel
Last metadata expiration check: 0:12:44 ago on Wed 28 Oct 2020 03:24:44 PM CST.
No match for argument: java-11-amazon-corretto-devel

Could you please let me know how to fix this?

Thanks,
Peng

shibidp4 idp.propreties

I think that the following could be usefull for security reasons

idp.cookie.secure = true
idp.frameoptions = DENY

idp.session.StorageService su database?

Opinione di Scott Cantor

But you most definitely do NOT want to use a database for sessions. You should use client side sessions
unless you can provide a strong argument as to why you shouldn't. We provide the software defaulting to that for a reason.

How to install nginx Shibboleth SP in Cent OS 7

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. 📊📈🎉

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google ❤️ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.