January 26, 2004
Building Shibboleth from Source
A project that's been on my back burner for some time is getting a machine built as a test environment for Shibboleth-based authentication into our site. Have been following the mail list and scoured the documentation a few times over to get up tp speed on what it takes.
The shib Linux documentation uses RedHat 7, 8 or 9 as a base to start the install, but I'm attempting to install the modules in my Gentoo environment. Just to see how different the binary build is I got the binaries . . . after some playing I got a few of the Gentoo-installed libraries working but there were so many question marks I moved on to build from sources.
In essence, the shib documentation has you build a complete set of libraries and install them in /opt/shibboleth. Rather than temp fate, trying to incorporate existing libraries, I built all the sources (even if I already had the current libs in /usr/include):
When I got to compiling OpenSAML the compiler was croaking, I guess OpenSAML 0.9.1 doesn't compile with gcc > 3.2 (I'm using 3.3.2). Checked the head out of cvs, recompiled newer version of libcurl, and OpenSAML compiled without issue.
Compiling libapreq for shib on Gentoo was slightly different, apache include files are in /usr/include/apache, not /usr/local/apache/include as indicated in the shib documentation.
The compile of Shibboleth 1.1 failed miserably, I assume because I am using OpenSAML from cvs head. I got the latest version of Shibboleth source from cvs and the compile went through without a hitch.
When trying to start Apache the mod_shibrm wasn't there and I discovered that in the configure args you need to put in a --with-apache-13 to get the module to build (maybe something wrong with the apxs).
And the test script works . . . wohooo! Apache now started, with mod_shibrm module. Now onto configuring.
Posted by mike at January 26, 2004 6:22 PM