Diffstat (limited to 'src/installer')
-rw-r--r-- | src/installer/lib/ant-extensions-13Apr2008.jar | bin | 0 -> 21017 bytes | |||
-rw-r--r-- | src/installer/lib/bcprov-jdk15-1.45.jar | bin | 0 -> 1663318 bytes | |||
-rwxr-xr-x[-rw-r--r--] | src/installer/resources/build.xml | 70 | ||||
-rwxr-xr-x[-rw-r--r--] | src/installer/resources/install.properties | 2 | ||||
-rwxr-xr-x[-rw-r--r--] | src/installer/resources/logging.xml | 25 | ||||
-rwxr-xr-x[-rw-r--r--] | src/installer/resources/wayfconfig.xml | 90 |
6 files changed, 103 insertions, 84 deletions
diff --git a/src/installer/lib/ant-extensions-13Apr2008.jar b/src/installer/lib/ant-extensions-13Apr2008.jar
Binary files differ
new file mode 100644
index 0000000..8694196
--- /dev/null
+++ b/src/installer/lib/ant-extensions-13Apr2008.jar
diff --git a/src/installer/lib/bcprov-jdk15-1.45.jar b/src/installer/lib/bcprov-jdk15-1.45.jar
Binary files differ
new file mode 100644
index 0000000..409070b
--- /dev/null
+++ b/src/installer/lib/bcprov-jdk15-1.45.jar
diff --git a/src/installer/resources/build.xml b/src/installer/resources/build.xml
index ae85dfa..32bfbd7 100644..100755
--- a/src/installer/resources/build.xml
+++ b/src/installer/resources/build.xml
@@ -1,46 +1,56 @@ +<?xml version="1.0" encoding="UTF-8"?> <project name="Shibboleth Discovery Service" basedir="../../.." default="install"> - <property name="installer.dir" value="${basedir}/src/installer" /> - <property name="resources.dir" value="${installer.dir}/resources" /> - <property name="webapp.dir" value="${basedir}/src/main/webapp" /> - <property name="war.name" value="discovery" /> + <property name="installer.dir" value="${basedir}/src/installer"/> + <property name="resources.dir" value="${installer.dir}/resources"/> + <property name="webapp.dir" value="${basedir}/src/main/webapp"/> + <property name="war.name" value="discovery"/> <!-- Installation specific property file --> - <property file="${resources.dir}/install.properties" /> + <property file="${resources.dir}/install.properties"/> <!-- Load ant-contrib tasks --> - <taskdef resource="net/sf/antcontrib/antlib.xml" /> + <taskdef resource="net/sf/antcontrib/antlib.xml"/> + + <!-- Load Internet2 ant extensions --> + <taskdef resource="edu/internet2/middleware/ant/antlib.xml"/> <!-- install - for deployment --> <target name="install" description="Creates the discovery service home directory, install configuration files, and create the service's WAR."> - <input message="Is this a new installation? Answering 'yes' will overwrite your current configuration." - addproperty="new.install" - validargs="yes,no" - defaultvalue="no" /> - + <input message="Where should the Shibboleth Discovery Service software be installed?" addproperty="ds.home.input" defaultvalue="${ds.home}"/> + <var name="ds.home" value="${ds.home.input}"/> + + <pathToAbsolutePath path="${ds.home}" addproperty="ds.home.path"/> + <pathToUrl path="${ds.home}" addproperty="ds.home.url"/> + <if> - <equals arg1="${new.install}" arg2="yes" /> + <available file="${ds.home.path}" property="ds.home.exists"/> <then> - <input message="Where should the Shibboleth Discovert Service software be installed?" 
- addproperty="ds.home.input" - defaultvalue="${ds.home}" /> - <var name="ds.home" value="${ds.home.input}" /> + <input message="The directory '${ds.home.path}' already exists. Would you like to overwrite your existing configuration?" addproperty="install.config" validargs="yes,no" defaultvalue="no"/> + </then> + <else> + <var name="install.config" value="yes"/> + </else> + </if> + <if> + <equals arg1="${install.config}" arg2="yes"/> + <then> <propertyfile file="${resources.dir}/install.properties"> - <entry key="ds.home" value="${ds.home}" /> + <entry key="ds.home" value="${ds.home}"/> </propertyfile> - <mkdir dir="${ds.home}" /> - <mkdir dir="${ds.home}/conf" /> - <mkdir dir="${ds.home}/logs" /> - <mkdir dir="${ds.home}/metadata" /> - <mkdir dir="${ds.home}/war" /> + <mkdir dir="${ds.home}"/> + <mkdir dir="${ds.home}/conf"/> + <mkdir dir="${ds.home}/logs"/> + <mkdir dir="${ds.home}/metadata"/> + <mkdir dir="${ds.home}/war"/> <copy todir="${ds.home}/conf" preservelastmodified="true" overwrite="true"> - <fileset dir="${resources.dir}" includes="wayfconfig.xml,logging.xml" /> + <fileset dir="${resources.dir}" includes="wayfconfig.xml,logging.xml"/> <filterset begintoken="$" endtoken="$"> - <filter token="DS_HOME" value="${ds.home}" /> + <filter token="DS_HOME" value="${ds.home}"/> </filterset> </copy> </then> 
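Review bot: The new existence check in the `install` target tests `${ds.home.path}`, but the `propertyfile` entry, the five `mkdir` calls and the `DS_HOME` filter below it still use the raw `${ds.home}` answer from the prompt. If the operator enters a relative or unnormalised path, the directory that was checked and the directory that is overwritten and written into `wayfconfig.xml`/`logging.xml` may differ (this assumes `pathToAbsolutePath` can resolve against a different base than Ant's `basedir`, which is not visible here). I would use the resolved value everywhere after the check, e.g. `<mkdir dir="${ds.home.path}"/>` and `<filter token="DS_HOME" value="${ds.home.path}"/>`. `ds.home.url` is computed in this hunk but not referenced in any visible hunk. The `install` target continues outside this hunk.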
@@ -49,20 +59,20 @@ <!-- create - always - the web.xml --> <copy file="${webapp.dir}/WEB-INF/web.xml" todir="${installer.dir}" preservelastmodified="true" overwrite="true"> <filterset begintoken="$" endtoken="$"> - <filter token="DS_HOME" value="${ds.home}" /> + <filter token="DS_HOME" value="${ds.home}"/> </filterset> </copy> <!-- build the war file --> <war warfile="${ds.home}/war/${war.name}.war" webxml="${installer.dir}/web.xml"> - <lib dir="${basedir}/lib" /> - <webinf dir="${webapp.dir}/WEB-INF" excludes="web.xml" /> - <fileset dir="${webapp.dir}" excludes="WEB-INF/**" /> + <lib dir="${basedir}/lib"/> + <webinf dir="${webapp.dir}/WEB-INF" excludes="web.xml"/> + <fileset dir="${webapp.dir}" excludes="WEB-INF/**"/> </war> <!-- Remove generated web.xml --> - <delete file="${installer.dir}/web.xml" /> + <delete file="${installer.dir}/web.xml"/> </target> -</project>
\ No newline at end of file
+</project>
diff --git a/src/installer/resources/install.properties b/src/installer/resources/install.properties
index c37d1c1..4b9d0de 100644..100755
--- a/src/installer/resources/install.properties
+++ b/src/installer/resources/install.properties
@@ -1 +1 @@
-ds.home = /etc/DiscoveryService
\ No newline at end of file
+ds.home = /opt/shibboleth-ds
\ No newline at end of file diff --git a/src/installer/resources/logging.xml b/src/installer/resources/logging.xml index 77fefd6..eff4799 100644..100755 --- a/src/installer/resources/logging.xml +++ b/src/installer/resources/logging.xml @@ -1,5 +1,4 @@ <?xml version="1.0" encoding="UTF-8"?> - <configuration> <!-- @@ -7,22 +6,22 @@ --> <appender name="DS_LOG" class="ch.qos.logback.core.rolling.RollingFileAppender"> <File>$DS_HOME$/logs/discoveryService.log</File> - <ImmediateFlush>true</ImmediateFlush> <rollingPolicy class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy"> <FileNamePattern>$DS_HOME$/logs/discovery-%d{yyyy-MM-dd}.log</FileNamePattern> </rollingPolicy> - <layout class="ch.qos.logback.classic.PatternLayout"> - <Pattern>%date{HH:mm:ss.SSS} %level [%logger] %msg%n%ex{full}%n</Pattern> - </layout> + <encoder class="ch.qos.logback.classic.encoder.PatternLayoutEncoder"> + <charset>UTF-8</charset> + <Pattern>%date{HH:mm:ss.SSS} - %level [%logger:%line] - %msg%n%ex{full}%n</Pattern> + </encoder> </appender> <appender name="CONSOLE" class="ch.qos.logback.core.ConsoleAppender"> - <ImmediateFlush>true</ImmediateFlush> - <layout class="ch.qos.logback.classic.PatternLayout"> - <Pattern>%date{HH:mm:ss.SSS} %level [%logger] %msg%n%ex{full}%n</Pattern> - </layout> + <encoder class="ch.qos.logback.classic.encoder.PatternLayoutEncoder"> + <charset>UTF-8</charset> + <Pattern>%date{HH:mm:ss.SSS} - %level [%logger:%line] - %msg%n%ex{full}%n</Pattern> + </encoder> </appender> <!-- 
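Review bot: The header for install.properties records a mode change `100644..100755`, and the same change appears on build.xml, logging.xml and wayfconfig.xml. These are data files that are read, never executed, so the execute bit looks accidental and should be dropped before merging, e.g. `git update-index --chmod=-x src/installer/resources/install.properties` and likewise for the other three.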
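Review bot: The new encoder pattern in both the `DS_LOG` and `CONSOLE` appenders still writes `%msg` verbatim, so a CR/LF inside a logged value produces extra lines that look like separate log records. If the DS logs request-derived values such as an entityID or return URL (not visible in this diff), consider neutralising line breaks in the pattern, e.g. `%replace(%msg){'[\r\n]+', ' '}` in place of `%msg`, provided the bundled logback version supports `%replace`. Separately, `%line` makes logback compute caller data for each event it writes, which is comparatively slow; a short comment in the file saying this is intended would help the next maintainer.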
@@ -32,19 +31,19 @@ <!-- Logs DS, but not OpenSAML, messages --> <logger name="edu.internet2.middleware.shibboleth"> - <level value="WARN" /> + <level value="WARN"/> <!-- Appender, DS_LOG, is inherited from the root logger --> </logger> <!-- Logs OpenSAML, but not DS, messages --> <logger name="org.opensaml"> - <level value="INFO" /> + <level value="INFO"/> <!-- Appender, DS_LOG, is inherited from the root logger --> </logger> <root> - <level value="WARN" /> - <appender-ref ref="DS_LOG" /> + <level value="WARN"/> + <appender-ref ref="DS_LOG"/> </root> </configuration> diff --git a/src/installer/resources/wayfconfig.xml b/src/installer/resources/wayfconfig.xml index 1cd22d7..664cd0d 100644..100755 --- a/src/installer/resources/wayfconfig.xml +++ b/src/installer/resources/wayfconfig.xml @@ -1,7 +1,5 @@ -<?xml version="1.0"?> -<WayfConfig - xmlns="urn:mace:shibboleth:wayf:config:1.0" - xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" > +<?xml version="1.0" encoding="UTF-8"?> +<WayfConfig xmlns="urn:mace:shibboleth:wayf:config:1.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"> <!-- The default behaviour of Service is controlled via the elements and attributes below. Non default behaviour is achieved by @@ -18,11 +16,12 @@ The jspFile & errorJspFile attributes control the display The provideList attribute controls whether a single list of all - possible IdPs is presented. The default wayf.jsp works best - if this is true when provideListofList is true. + possible IdPs is presented. This also controls whether the + Quick search dialog is presented. The provideListOfList attribute controls whether multiple lists - are presented (one for each MetadataProvider). + are presented (one for each MetadataProvider). Rather than all + the entities as one. The showUsableIdPs attribute controls the contents of the above lists. The single list (provideList=true) is trimmed by 
@@ -32,21 +31,20 @@ The SearchIgnore element contains a list of words to be ignored while performing a search. - + + warnOnNoSAML2 causes the DS to issue a warning when it receives a + DS protocol message from an SP which is declared to not support + SAML2 in its metadata. The JIRA case + https://issues.shibboleth.net/jira/browse/SDSJ-91 has more details. + warnOnBadBinding describes what to do iof the metadata has a badly formed <DiscoveryResponse> false (or not present) means that the bad SP is removed from the metadata and an error written to the log file. - True means that we just noter this in the log file. + True means that we just note this in the log file. THIS SETTING IS SYSTEM WIDE ONLY. --> - <Default - jspFile="wayf.jsp" - errorJspFile="wayferror.jsp" - provideList="false" - provideListOfList="true" - warnOnBadBinding="false" - showUnusableIdPs="false"> + <Default jspFile="wayf.jsp" errorJspFile="wayferror.jsp" provideList="true" provideListOfList="false" warnOnBadBinding="false" warnOnNoSAML2="false" showUnusableIdPs="false"> <SearchIgnore> <IgnoreText>Institution</IgnoreText> <IgnoreText>University</IgnoreText> @@ -69,14 +67,11 @@ NOTE - for windows installation with an explicit DOS device ("C:\etc\discoveryservice") The url below should be "file://C:\program files/metadata/sites.xml - --> +--> - <MetadataProvider - displayName="Federation Name" - identifier="FirstSite" - url="file://$DS_HOME$/metadata/sites.xml"/> + <MetadataProvider displayName="Federation Name" identifier="FirstSite" url="file://$DS_HOME$/metadata/sites.xml"/> -<!-- If the WAYF is to handle data from more than one metadata source +<!-- If the DS is to handle data from more than one metadata source then more metadataproviders can be provided, as below <MetadataProvider 
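Review bot: The added comment for `warnOnNoSAML2` does not say what the shipped `warnOnNoSAML2="false"` does with such a request, i.e. whether the DS still serves an SP whose metadata declares no SAML2 support. The neighbouring `warnOnBadBinding` text spells out both values and this one should too, along the lines of `false (or not present) means ...; true means a warning is logged`, with the real behaviour filled in from the code. The same `<Default>` line also flips `provideList` to `true` and `provideListOfList` to `false`, which changes what an existing deployment presents once the config is overwritten, so the comment should mention the new defaults. The context line above the edited one still reads `iof`.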
@@ -84,27 +79,45 @@ identifier="SecondSite" backingFile="$DS_HOME$/metadata/ukfed_store.xml" url="http://metadata.ukfederation.org.uk/ukfederation-metadata.xml"/> + + White and black list providers are defined as filters inside a provider: + + <MetadataProvider + + displayName="WhiteListed Metadata" + identifier="White" + type="edu.internet2.middleware.shibboleth.metadata.provider.XMLMetadata" + backingFile="$DS_HOME$/metadata/whitelist_store.xml" + url="http://metadata.ukfederation.org.uk/ukfederation-test.xml"> + + <Filter identifier="false" + type="edu.internet2.middleware.shibboleth.wayf.plugins.provider.ListFilter" + excludeEntries="true"> + <EntityId>https://idp.edina.ac.uk/shibboleth</EntityId> + <EntityId>https://dlib-adidp.ucs.ed.ac.uk/shibboleth</EntityId> + <EntityId>https://idp.edina.ac.uk/shibboleth-devel</EntityId> + <EntityId>https://idp.edina.ac.uk/shibboleth-devel-13</EntityId> + </Filter> + </MetadataProvider> + + NOTE that the resulting metadata has to include any SP which may need service from + this DS. + + For a black list, set excludeEntries="true" (the listed Entities will be excluded), for + a while list, set it to "false" (the listed entries will be included). + --> + <!-- Plugins are extensible, the identifier is required, as is the type, the rest is for the plugin to define --> <!-- The Cookie Plugin is part of the standard distribution it interrogates and sets the _saml_idp cookie. 
According to parameterization it can just delete the cookie --> - <Plugin - identifier="CookiePlugin" - type="edu.internet2.middleware.shibboleth.wayf.plugins.provider.SamlCookiePlugin" - alwaysFollow = "FALSE" - deleteCookie = "FALSE" - cacheExpiration = "604800"/> + <Plugin identifier="CookiePlugin" type="edu.internet2.middleware.shibboleth.wayf.plugins.provider.SamlCookiePlugin" alwaysFollow="FALSE" deleteCookie="FALSE" cacheExpiration="604800"/> - <Plugin - identifier="DeleteCookiePlugin" - type="edu.internet2.middleware.shibboleth.wayf.plugins.provider.SamlCookiePlugin" - alwaysFollow = "FALSE" - deleteCookie = "TRUE" - cacheExpiration = "604800"/> + <Plugin identifier="DeleteCookiePlugin" type="edu.internet2.middleware.shibboleth.wayf.plugins.provider.SamlCookiePlugin" alwaysFollow="FALSE" deleteCookie="TRUE" cacheExpiration="604800"/> <!-- Other plugins are declared similarly <Plugin @@ -129,19 +142,16 @@ --> - <DiscoveryServiceHandler - location=".+/WAYF" - default="true"> + <DiscoveryServiceHandler location=".+/WAYF" default="true"> <PluginInstance identifier="CookiePlugin"/> <!-- <PluginInstance identifier="AddressHint"/> --> </DiscoveryServiceHandler> <!-- The ClearCache handler causes the cookie to be deleted. The jsp shipped - with the WAYF refers to this handler --> + with the DS refers to this handler --> - <DiscoveryServiceHandler - location=".+/ClearCache.wayf"> + <DiscoveryServiceHandler location=".+/ClearCache.wayf"> <PluginInstance identifier="DeleteCookiePlugin"/> </DiscoveryServiceHandler> |
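Review bot: The commented example added in the `@@ -84,27 +79,45 @@` hunk contradicts its own explanation: the provider is labelled `WhiteListed Metadata` / `identifier="White"` but carries `excludeEntries="true"`, which the note below it defines as a black list. An operator who copies it expecting to allow only the four listed IdPs would instead exclude exactly those and keep everything else in the feed. Set `excludeEntries="false"` in the example (or relabel it as a black-list example), give the filter a real identifier instead of `identifier="false"`, and fix `while list`. The example also fetches metadata over plain `http://`; whether the DS verifies metadata signatures is not visible here, so the comment should say how the feed's integrity is expected to be checked.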