Diffstat (limited to 'src/installer/resources')
-rw-r--r-- | src/installer/resources/build.xml | 68 | ||||
-rw-r--r-- | src/installer/resources/install.properties | 1 | ||||
-rw-r--r-- | src/installer/resources/logging.xml | 50 | ||||
-rw-r--r-- | src/installer/resources/wayfconfig.xml | 159 |
4 files changed, 278 insertions, 0 deletions
diff --git a/src/installer/resources/build.xml b/src/installer/resources/build.xml
new file mode 100644
index 0000000..ae85dfa
--- /dev/null
+++ b/src/installer/resources/build.xml
@@ -0,0 +1,68 @@
+<project name="Shibboleth Discovery Service" basedir="../../.." default="install">
+
+ <property name="installer.dir" value="${basedir}/src/installer" />
+ <property name="resources.dir" value="${installer.dir}/resources" />
+ <property name="webapp.dir" value="${basedir}/src/main/webapp" />
+ <property name="war.name" value="discovery" />
+
+ <!-- Installation specific property file -->
+ <property file="${resources.dir}/install.properties" />
+
+ <!-- Load ant-contrib tasks -->
+ <taskdef resource="net/sf/antcontrib/antlib.xml" />
+
+ <!-- install - for deployment -->
+ <target name="install" description="Creates the discovery service home directory, install configuration files, and create the service's WAR.">
+
+ <input message="Is this a new installation? Answering 'yes' will overwrite your current configuration."
+ addproperty="new.install"
+ validargs="yes,no"
+ defaultvalue="no" />
+
+ <if>
+ <equals arg1="${new.install}" arg2="yes" />
+ <then>
+ <input message="Where should the Shibboleth Discovert Service software be installed?"
+ addproperty="ds.home.input"
+ defaultvalue="${ds.home}" />
+ <var name="ds.home" value="${ds.home.input}" />
+
+ <propertyfile file="${resources.dir}/install.properties">
+ <entry key="ds.home" value="${ds.home}" />
+ </propertyfile>
+
+ <mkdir dir="${ds.home}" />
+ <mkdir dir="${ds.home}/conf" />
+ <mkdir dir="${ds.home}/logs" />
+ <mkdir dir="${ds.home}/metadata" />
+ <mkdir dir="${ds.home}/war" />
+
+ <copy todir="${ds.home}/conf" preservelastmodified="true" overwrite="true">
+ <fileset dir="${resources.dir}" includes="wayfconfig.xml,logging.xml" />
+ <filterset begintoken="$" endtoken="$">
+ <filter token="DS_HOME" value="${ds.home}" />
+ </filterset>
+ </copy>
+ </then>
+ </if>
+
+ <!-- create - always - the web.xml -->
+ <copy file="${webapp.dir}/WEB-INF/web.xml" todir="${installer.dir}" preservelastmodified="true" overwrite="true">
+ <filterset begintoken="$" endtoken="$">
+ <filter token="DS_HOME" value="${ds.home}" />
+ </filterset>
+ </copy>
+
+ <!-- build the war file -->
+ <war warfile="${ds.home}/war/${war.name}.war" webxml="${installer.dir}/web.xml">
+ <lib dir="${basedir}/lib" />
+ <webinf dir="${webapp.dir}/WEB-INF" excludes="web.xml" />
+ <fileset dir="${webapp.dir}" excludes="WEB-INF/**" />
+ </war>
+
+ <!-- Remove generated web.xml -->
+ <delete file="${installer.dir}/web.xml" />
+
+ </target>
+
+</project>
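Review bot: In build.xml the answer to the `ds.home.input` prompt is used without any check: it goes straight into `<mkdir>`, is written back to install.properties, and is filtered verbatim as `$DS_HOME$` into wayfconfig.xml, logging.xml and web.xml. A relative path would resolve against `basedir`, and a path containing spaces, `&` or `<` would leave the installed XML or the `file://$DS_HOME$/metadata/sites.xml` URL malformed. Consider rejecting such values before the `<var name="ds.home" ...>` assignment, for example with a `<fail>` whose nested `<condition>` applies `<matches>` to `${ds.home.input}`. The `conf`, `logs` and `metadata` directories are also created with whatever ownership and mode the installing user's umask gives, so a comment stating which account must be able to write `logs` and who may edit `metadata` would help operators.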
\ No newline at end of file
diff --git a/src/installer/resources/install.properties b/src/installer/resources/install.properties
new file mode 100644
index 0000000..c37d1c1
--- /dev/null
+++ b/src/installer/resources/install.properties
@@ -0,0 +1 @@
+ds.home = /etc/DiscoveryService
\ No newline at end of file
diff --git a/src/installer/resources/logging.xml b/src/installer/resources/logging.xml
new file mode 100644
index 0000000..77fefd6
--- /dev/null
+++ b/src/installer/resources/logging.xml
@@ -0,0 +1,50 @@
+<?xml version="1.0" encoding="UTF-8"?>
+
+<configuration>
+
+ <!--
+ Logging appenders define where and how logging messages are logged.
+ -->
+ <appender name="DS_LOG" class="ch.qos.logback.core.rolling.RollingFileAppender">
+ <File>$DS_HOME$/logs/discoveryService.log</File>
+ <ImmediateFlush>true</ImmediateFlush>
+
+ <rollingPolicy class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy">
+ <FileNamePattern>$DS_HOME$/logs/discovery-%d{yyyy-MM-dd}.log</FileNamePattern>
+ </rollingPolicy>
+
+ <layout class="ch.qos.logback.classic.PatternLayout">
+ <Pattern>%date{HH:mm:ss.SSS} %level [%logger] %msg%n%ex{full}%n</Pattern>
+ </layout>
+ </appender>
+
+ <appender name="CONSOLE" class="ch.qos.logback.core.ConsoleAppender">
+ <ImmediateFlush>true</ImmediateFlush>
+ <layout class="ch.qos.logback.classic.PatternLayout">
+ <Pattern>%date{HH:mm:ss.SSS} %level [%logger] %msg%n%ex{full}%n</Pattern>
+ </layout>
+ </appender>
+
+ <!--
+ Loggers define indicate which packages/categories are logged, at which level, and to which appender.
+ Levels: ALL, ERROR, WARN, INFO, DEBUG, OFF
+ -->
+
+ <!-- Logs DS, but not OpenSAML, messages -->
+ <logger name="edu.internet2.middleware.shibboleth">
+ <level value="WARN" />
+ <!-- Appender, DS_LOG, is inherited from the root logger -->
+ </logger>
+
+ <!-- Logs OpenSAML, but not DS, messages -->
+ <logger name="org.opensaml">
+ <level value="INFO" />
+ <!-- Appender, DS_LOG, is inherited from the root logger -->
+ </logger>
+
+ <root>
+ <level value="WARN" />
+ <appender-ref ref="DS_LOG" />
+ </root>
+
+</configuration>
diff --git a/src/installer/resources/wayfconfig.xml b/src/installer/resources/wayfconfig.xml
new file mode 100644
index 0000000..1cd22d7
--- /dev/null
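Review bot: In logging.xml the `TimeBasedRollingPolicy` of the `DS_LOG` appender sets only `<FileNamePattern>`, so the daily `discovery-%d{yyyy-MM-dd}.log` files under `$DS_HOME$/logs` are never pruned and can fill the volume. If the bundled logback version supports it, add a retention cap such as `<MaxHistory>30</MaxHistory>` (value illustrative) and note the chosen period in a comment so it can be matched to the site's audit-retention needs. The `CONSOLE` appender is defined but neither a `<logger>` nor `<root>` references it; drop it or add a comment saying it is kept for debugging. The loggers comment would read better as `Loggers define which packages/categories are logged, ...`.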
+++ b/src/installer/resources/wayfconfig.xml
@@ -0,0 +1,159 @@
+<?xml version="1.0"?>
+<WayfConfig
+ xmlns="urn:mace:shibboleth:wayf:config:1.0"
+ xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" >
+
+<!-- The default behaviour of Service is controlled via the elements
+ and attributes below. Non default behaviour is achieved by
+ specifying any or all of these in the specific
+ DiscoveryServiceHandler element.
+
+ The handleCookie, cacheDomain and cacheExpiration attributes are
+ no longer used. Use the cookie plugin to configure the handling
+ of the SAML cookie.
+
+ The cacheExpiration attribute sets the expiration time of the
+ cookie (if the 'Remember for a week' selection is made).
+
+ The jspFile & errorJspFile attributes control the display
+
+ The provideList attribute controls whether a single list of all
+ possible IdPs is presented. The default wayf.jsp works best
+ if this is true when provideListofList is true.
+
+ The provideListOfList attribute controls whether multiple lists
+ are presented (one for each MetadataProvider).
+
+ The showUsableIdPs attribute controls the contents of the above
+ lists. The single list (provideList=true) is trimmed by
+ excluding IdPs which do not share a metadata file with the SP.
+ The multiple lists (provideListOfList=true) is trimmed by
+ excluding all lists which do not specify the SP.
+
+ The SearchIgnore element contains a list of words to be ignored while
+ performing a search.
+
+ warnOnBadBinding describes what to do iof the metadata has a badly
+ formed <DiscoveryResponse> false (or not present) means that the bad
+ SP is removed from the metadata and an error written to the log file.
+ True means that we just noter this in the log file.
+ THIS SETTING IS SYSTEM WIDE ONLY.
+-->
+
+ <Default
+ jspFile="wayf.jsp"
+ errorJspFile="wayferror.jsp"
+ provideList="false"
+ provideListOfList="true"
+ warnOnBadBinding="false"
+ showUnusableIdPs="false">
+ <SearchIgnore>
+ <IgnoreText>Institution</IgnoreText>
+ <IgnoreText>University</IgnoreText>
+ <IgnoreText>State </IgnoreText>
+ <IgnoreText>School</IgnoreText>
+ </SearchIgnore>
+ </Default>
+
+<!-- The MetadataProvider is in a similar syntax to that used to
+ configure an IdP. This means that plugins for the IdP can be
+ used interchangably between the IdP and WAYF.
+
+ The identifier element is used to uniquely distinguish the
+ metadata in a Federation element below
+
+ If an HTTP URL is provided for the name, a backingFile has to be provided.
+ This is where the file will be spooled to locally. This spooled file will
+ be used if the DS cannot get hold of the 'real' data.
+
+ NOTE - for windows installation with an explicit DOS device ("C:\etc\discoveryservice")
+ The url below should be "file://C:\program files/metadata/sites.xml
+
+ -->
+
+ <MetadataProvider
+ displayName="Federation Name"
+ identifier="FirstSite"
+ url="file://$DS_HOME$/metadata/sites.xml"/>
+
+<!-- If the WAYF is to handle data from more than one metadata source
+ then more metadataproviders can be provided, as below
+
+ <MetadataProvider
+ displayName="Another Name Here"
+ identifier="SecondSite"
+ backingFile="$DS_HOME$/metadata/ukfed_store.xml"
+ url="http://metadata.ukfederation.org.uk/ukfederation-metadata.xml"/>
+-->
+
+<!-- Plugins are extensible, the identifier is required, as is the
+ type, the rest is for the plugin to define -->
+
+
+ <!-- The Cookie Plugin is part of the standard distribution it interrogates and sets the _saml_idp
+ cookie. According to parameterization it can just delete the cookie -->
+ <Plugin
+ identifier="CookiePlugin"
+ type="edu.internet2.middleware.shibboleth.wayf.plugins.provider.SamlCookiePlugin"
+ alwaysFollow = "FALSE"
+ deleteCookie = "FALSE"
+ cacheExpiration = "604800"/>
+
+ <Plugin
+ identifier="DeleteCookiePlugin"
+ type="edu.internet2.middleware.shibboleth.wayf.plugins.provider.SamlCookiePlugin"
+ alwaysFollow = "FALSE"
+ deleteCookie = "TRUE"
+ cacheExpiration = "604800"/>
+
+ <!-- Other plugins are declared similarly
+ <Plugin
+ identifier="AddressHint"
+ type="uk.ac.sdss.IdPIPLookup"
+ />
+ -->
+
+
+<!-- Every handler has to be declared with a DiscoverServiceHandler
+ element. As well as the attributes and elements described above,
+ each DiscoveryServiceHandler *MUST* have a location attribute.
+
+ The default wayf.xml specifies that "/WAYF", "/DS" and "/*.wayf"
+ are the possibilities for DiscoveryServices. If a URL matches the above,
+ but does not match any location in a DiscoveryServiceHandler,
+ then the first handler for which the default attribute is set
+ true is invoked.
+
+ The web.xml built into into the war file should not be changed
+ unless you have to change the end points that it uses.
+ -->
+
+
+ <DiscoveryServiceHandler
+ location=".+/WAYF"
+ default="true">
+ <PluginInstance identifier="CookiePlugin"/>
+ <!--
+ <PluginInstance identifier="AddressHint"/> -->
+ </DiscoveryServiceHandler>
+
+ <!-- The ClearCache handler causes the cookie to be deleted. The jsp shipped
+ with the WAYF refers to this handler -->
+
+ <DiscoveryServiceHandler
+ location=".+/ClearCache.wayf">
+ <PluginInstance identifier="DeleteCookiePlugin"/>
+ </DiscoveryServiceHandler>
+
+<!-- Example of how to constrain a DiscoveryService to one (or more)
+ explicit metadata sources. (The default is to use all metadata
+ sources)
+
+ <DiscoveryServiceHandler location=".+/SecondOnly.wayf" >
+
+ <Federation identifier="SecondSite"/>
+ <PluginInstance identifier="CookiePlugin"/>
+ </DiscoveryServiceHandler>
+-->
+
+</WayfConfig> |
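Review bot: The commented `SecondSite` example in wayfconfig.xml loads federation metadata from an `http://` URL, and neither the example nor the comment above it mentions verifying that file. The comments indicate this metadata drives the IdP lists shown to users, so the example should tell deployers to verify remotely fetched metadata (signature check or an authenticated transport) before relying on it; whether this `MetadataProvider` can do that itself is not visible in the hunk. The header comment also contradicts itself: it says `cacheExpiration` is no longer used and then documents it, and it describes `showUsableIdPs` while the `<Default>` element sets `showUnusableIdPs`. In `location=".+/ClearCache.wayf"` the dot before `wayf` is unescaped, so if the value is treated as a regular expression it matches any character there, and `\.` would be stricter.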