Skip to content

Building Shibboleth with FastCGI support

Jump to bottom Edit New page
Ondřej Košarko edited this page Jan 22, 2018 · 7 revisions

Building Shibboleth SP

Compilation of Shibboleth is a tedious but well documented on Shibboleth wiki

Run ./configure script --with-fastcgi to implement FastCGI support required by Nginx.

For the compilation you will need boost header files. xmltooling requires libcurl. Next you'll need libfcgi or apache2/httpd dev packages when building for apache. On Ubuntu/Debian installed with:

#check the version of libboost first
sudo apt-get install libfcgi-dev libboost-all-dev

or

sudo apt-get install apache2-dev

These are roughly the commands that get you quickly from ShibbolethSP sources to ShibbolethSP running application:

  • The expected installation directory is /opt/shibboleth-sp-fastcgi
  • NOTE: Links may be broken (Fix them by editing the wiki)
  • DO NOT copy the commands blindly
  • finally make sure with ldd that shibd is really using the libraries you have just built, if not rerun the build with --with-* options

See this gist for compilation script.

#!/bin/bash
# https://github.com/ufal/lindat-dspace/wiki/Building-Shibboleth-with-FastCGI-support
# ensure the versions are still latest

sudo apt-get install libfcgi-dev libboost-all-dev openssl libssl-dev pkg-config libcurl4-openssl-dev

INSTALLDIR=/opt/shibboleth-sp-fastcgi

function get {
  local dirname=$1
  local version=$2
  local url=$3
  local archive="$dirname-$version.tar.gz"

  if [ ! -d "$dirname" ]; then
    wget -O "$archive" "$url$archive"
    tar -xzvf "$archive"
    mv `tar -ztf "$archive" | head -n 1` "$dirname.$version"
        ln -s $dirname.$version $dirname
    rm "$archive"
  fi
}

get log4shib 1.0.9 http://shibboleth.net/downloads/log4shib/latest/
get xerces-c 3.2.0 http://mirror.hosting90.cz/apache/xerces/c/3/sources/
get xml-security-c 1.7.3 http://mirror.hosting90.cz/apache/santuario/c-library/
get xmltooling 1.6.3 http://shibboleth.net/downloads/c++-opensaml/latest/
get opensaml 2.6.1 http://shibboleth.net/downloads/c++-opensaml/latest/
get shibboleth-sp 2.6.1 http://shibboleth.net/downloads/service-provider/latest/


function compile {
    local dirname=$1
    local config="--enable-option-checking=fatal $2"

    cd $dirname && \
    ./configure $config && \
    make && \
    sudo make install && \
    cd ..
}

compile log4shib "--disable-static --disable-doxygen --prefix=$INSTALLDIR" && \
compile xerces-c "--disable-netaccessor-curl --prefix=$INSTALLDIR" && \
compile xml-security-c "--without-xalan --disable-static \
  --with-xerces=$INSTALLDIR \
  --prefix=$INSTALLDIR" && \
compile xmltooling "--with-log4shib=$INSTALLDIR --prefix=$INSTALLDIR -C" && \
compile opensaml "--with-log4shib=$INSTALLDIR --prefix=$INSTALLDIR -C" && \
compile shibboleth-sp "--with-log4shib=$INSTALLDIR \
  --prefix=$INSTALLDIR \
  --with-fastcgi"

For apache you can drop the --with-fastcgi line and you need to add one of

  --enable-apache-13      enable the Apache 1.3 module
  --enable-apache-20      enable the Apache 2.0 module
  --enable-apache-22      enable the Apache 2.2 module
  --enable-apache-24      enable the Apache 2.4 module

and maybe a path to apxs (via one of the --with-apxs* options)

Congratulation you have compiled and installed your own Shibboleth SP.

Add a custom footer
Add a custom sidebar
Clone this wiki locally