Eolisation d'un Fournisseur d'identité Shibboleth / Eole Shibboleth IDP integration

20-init-shib-IDP 1.8KB

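  #!/bin/bash
  # Installs the Shibboleth IdP from the source tree configured in Creole:
  # records JAVA_HOME/IDP_SRC in /etc/environment, writes the installer's merge
  # properties, runs ./bin/install.sh and hands the install directory to the
  # Tomcat user. Exits 0 immediately when activer_idp is "non"; otherwise exits
  # with the installer's status (or 1 when a prerequisite step fails).

  IDPENABLED=$(CreoleGet activer_idp non)
  [[ ${IDPENABLED} == "non" ]] && exit 0

  SRCDIR=$(CreoleGet shibbolethIDPSrc)
  if [[ -z "${SRCDIR}" || ! -d "${SRCDIR}" ]]; then
    # With no usable source tree the later cd would fail and ./bin/install.sh
    # would be resolved against whatever directory the script started in.
    echo "shibbolethIDPSrc is empty or not a directory: '${SRCDIR}'" >&2
    exit 1
  fi

  # Append a KEY=VALUE line to /etc/environment only when that exact line is
  # not already there, so repeated runs do not pile up duplicates.
  add_env_line() {
    grep -qxF -- "$1" /etc/environment 2>/dev/null \
      || printf '%s\n' "$1" >> /etc/environment
  }

  # Create "$1" if needed and restrict it to owner read/write *before* any
  # secret is written, so it is never readable by other local users.
  restrict_file() {
    ( umask 077 && : >> "$1" ) && chmod 600 -- "$1"
  }

  add_env_line "JAVA_HOME=/usr/lib/jvm/java-8-openjdk-amd64/jre"
  add_env_line "IDP_SRC=${SRCDIR}"
  # shellcheck disable=SC1091
  source /etc/environment
  export JAVA_HOME=/usr/lib/jvm/java-8-openjdk-amd64/jre
  export IDP_SRC="${SRCDIR}"

  tomUser="tomcat8"
  tomGroup="adm"
  srcdir="${IDP_SRC}"
  target="/opt/shibboleth-idp"
  hostname=$(CreoleGet idpDomain)
  mergepropfile="${SRCDIR}/merge.properties"
  entityid="$(CreoleGet entityID)"
  scope="$(CreoleGet samlScope)"
  serverCert=$(CreoleGet server_cert)
  serverKey=$(CreoleGet server_key)

  # The sealer/keystore password comes from the kernel CSPRNG. A value derived
  # from the current epoch second can be reproduced by anyone who knows roughly
  # when the script ran.
  sealerPassword=$(LC_ALL=C tr -dc 'A-Za-z0-9' < /dev/urandom | head -c 24)
  if [[ ${#sealerPassword} -ne 24 ]]; then
    echo "could not generate the IdP sealer password" >&2
    exit 1
  fi

  # Keep a root-only copy of the password. The file that is written and the
  # file that is chmod-ed must be the same path, otherwise the copy keeps the
  # default (usually world-readable) mode. Appending is kept as-is, so the
  # last line is the password of the most recent run.
  sealerFile="/root/idp.sealer"
  if ! { restrict_file "${sealerFile}" \
    && printf '%s\n' "${sealerPassword}" >> "${sealerFile}"; }; then
    echo "warning: could not store the sealer password in ${sealerFile}" >&2
  fi

  # The merge properties also carry the sealer password, so the file gets the
  # same owner-only mode before its content is written.
  # NOTE(review): idp.entityID is emitted twice (Creole's entityID, then a URL
  # built from the host name); if the installer loads this as a Java properties
  # file the later line presumably wins. Confirm which value is intended.
  # NOTE(review): the same key/certificate pair is used for signing and for
  # encryption. Confirm this reuse is intended.
  if ! { restrict_file "${mergepropfile}" \
    && printf '%s\n' \
      "idp.entityID = ${entityid}" \
      "idp.sealer.storePassword= ${sealerPassword}" \
      "idp.sealer.keyPassword= ${sealerPassword}" \
      "idp.signing.key= ${serverKey}" \
      "idp.signing.cert= ${serverCert}" \
      "idp.encryption.key= ${serverKey}" \
      "idp.encryption.cert= ${serverCert}" \
      "idp.entityID= http://${hostname}/idp/shibboleth" \
      "idp.scope= ${scope}" \
      "idp.uri.subject.alt.name= ${hostname}" \
      "idp.host.name= ${hostname}" \
      "idp.ui.fallbackLanguages= fr" \
      "idp.session.secondaryServiceIndex = true" \
      "idp.session.trackSPSessions = true" \
      "idp.session.StorageService = shibboleth.StorageService" \
      > "${mergepropfile}"; }; then
    echo "cannot write ${mergepropfile}" >&2
    exit 1
  fi

  # Installer options are kept in an array so a value containing whitespace
  # stays a single argument.
  # NOTE(review): the two password options travel on the installer's command
  # line, where other local users can read them from the process list while it
  # runs. Check whether the installer accepts them from the merge properties
  # alone.
  CMD="./bin/install.sh"
  OPT=(
    "-Didp.src.dir=${SRCDIR}"
    "-Didp.merge.properties=${mergepropfile}"
    "-Didp.home=${target}"
    "-Didp.target.dir=${target}"
    "-Didp.host.name=${hostname}"
    "-Didp.sealer.password=${sealerPassword}"
    "-Didp.keystore.password=${sealerPassword}"
    "-Didp.scope=${scope}"
  )

  # Never run a relative ./bin/install.sh from an unexpected directory.
  cd -- "${srcdir}" || {
    echo "cannot cd to ${srcdir}" >&2
    exit 1
  }
  "${CMD}" "${OPT[@]}"
  res=$?

  # Ownership is handed over whatever the installer returned; the script's
  # exit status still reports the installer's result.
  chown -R -- "${tomUser}:${tomGroup}" "${target}"
  exit "${res}"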