Eolisation d'un Fournisseur d'identité Shibboleth / Eole Shibboleth IDP integration

20-init-shib-IDP 1.9KB

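#!/bin/bash
# 20-init-shib-IDP — Eole/Creole hook that installs a Shibboleth IdP during
# the "instance"/"init" phase when the Creole variable activer_idp is not "non".
#
# Arguments: $1 - Creole phase name; only "instance" and "init" run the
#                 install, any other value (or none) is a no-op.
# Globals:   read through CreoleGet: activer_idp, shibbolethIDPSrc,
#            nom_domaine_machine, entityID, samlScope, server_cert, server_key.
# Outputs:   appends JAVA_HOME/IDP_SRC to /etc/environment, writes
#            ${IDP_SRC}/merge.properties and /root/idp.sealer, then runs the
#            Shibboleth installer into /opt/shibboleth-idp.
# Returns:   the installer's exit status; 0 when there is nothing to do.
set -u -o pipefail

readonly JAVA_HOME_DIR="/usr/lib/jvm/java-8-openjdk-amd64/jre"
readonly TOM_USER="tomcat8"
readonly TOM_GROUP="adm"
readonly TARGET="/opt/shibboleth-idp"
readonly SEALER_FILE="/root/idp.sealer"
readonly ENV_FILE="/etc/environment"

#######################################
# Append a "KEY=VALUE" line to /etc/environment unless it is already there.
# The unconditional '>>' used previously duplicated both lines on every run.
# Arguments: $1 - the exact line to add
#######################################
append_env_once() {
  local entry="$1"
  if ! grep -qxF -- "${entry}" "${ENV_FILE}" 2>/dev/null; then
    printf '%s\n' "${entry}" >> "${ENV_FILE}"
  fi
}

#######################################
# Print a 24-character sealer/keystore password.
# Previously derived from `date +%s | sha256sum`, i.e. from the install
# second, which is recoverable from file timestamps — not a secret.
# 18 random bytes base64-encode to exactly 24 characters with no padding.
# Outputs: the password on stdout, no trailing newline
#######################################
gen_sealer_password() {
  head -c 18 /dev/urandom | base64 | tr -d '\n' | head -c 24
}

main() {
  local phase="${1:-}"
  local idp_enabled
  idp_enabled=$(CreoleGet activer_idp non)
  if [[ "${idp_enabled}" == "non" ]]; then
    exit 0
  fi

  case "${phase}" in
    instance | init) ;;
    *) exit 0 ;;
  esac

  local srcdir
  srcdir=$(CreoleGet shibbolethIDPSrc)
  if [[ -z "${srcdir}" ]]; then
    printf 'shibbolethIDPSrc is not set\n' >&2
    exit 1
  fi

  append_env_once "JAVA_HOME=${JAVA_HOME_DIR}"
  append_env_once "IDP_SRC=${srcdir}"
  # Kept from the original; /etc/environment is not a shell script (pam_env
  # syntax), so the explicit exports below are what this script relies on.
  # shellcheck disable=SC1091
  source "${ENV_FILE}"
  export JAVA_HOME="${JAVA_HOME_DIR}"
  export IDP_SRC="${srcdir}"

  local host entityid scope server_cert server_key sealer_password
  host=$(CreoleGet nom_domaine_machine)
  entityid=$(CreoleGet entityID)
  scope=$(CreoleGet samlScope)
  server_cert=$(CreoleGet server_cert)
  server_key=$(CreoleGet server_key)
  sealer_password=$(gen_sealer_password)
  local mergepropfile="${srcdir}/merge.properties"

  # Secret material: create under a restrictive umask so the file never
  # exists with default (group/world-readable) permissions.  The original
  # wrote /root/idp.sealer but chmod'ed /root/.idp.sealer, so the password
  # file was never actually restricted.
  ( umask 077; printf '%s\n' "${sealer_password}" >> "${SEALER_FILE}" ) \
    && chmod 600 "${SEALER_FILE}"

  # merge.properties also carries the sealer password, so same umask.
  # NOTE: idp.entityID appears twice below (Creole value first, then a
  # hard-coded http://<host>/idp/shibboleth); with Java Properties the last
  # definition wins, so the configured entityID is currently overridden.
  # Left as-is to preserve the installed configuration — confirm which is
  # intended.
  ( umask 077; cat > "${mergepropfile}" <<__EOF__
idp.entityID = ${entityid}
idp.sealer.storePassword= ${sealer_password}
idp.sealer.keyPassword= ${sealer_password}
idp.signing.key= ${server_key}
idp.signing.cert= ${server_cert}
idp.encryption.key= ${server_key}
idp.encryption.cert= ${server_cert}
idp.entityID= http://${host}/idp/shibboleth
idp.scope= ${scope}
idp.uri.subject.alt.name= ${host}
idp.host.name= ${host}
idp.ui.fallbackLanguages= fr
idp.session.secondaryServiceIndex = true
__EOF__
  )

  # Options as an array so paths with spaces survive (the old OPT string was
  # expanded unquoted).
  local -a install_opts=(
    "-Didp.src.dir=${srcdir}"
    "-Didp.merge.properties=${mergepropfile}"
    "-Didp.home=${TARGET}"
    "-Didp.target.dir=${TARGET}"
    "-Didp.host.name=${host}"
    # The two passwords are visible in the process list (and any `set -x`
    # trace) for the installer's lifetime when passed on argv.  They are
    # already in merge.properties; kept on argv here to match the original
    # invocation until it is confirmed the installer reads them from there.
    "-Didp.sealer.password=${sealer_password}"
    "-Didp.keystore.password=${sealer_password}"
    "-Didp.scope=${scope}"
  )

  # A failed cd previously went unnoticed and ./bin/install.sh ran elsewhere.
  cd "${srcdir}" || { printf 'cannot cd to %s\n' "${srcdir}" >&2; exit 1; }
  ./bin/install.sh "${install_opts[@]}"
  local res=$?
  # The installer creates everything as root; hand the tree to the servlet
  # container's user.  Done even on installer failure, as before.
  chown -R "${TOM_USER}:${TOM_GROUP}" "${TARGET}"
  exit "${res}"
}

main "$@"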