Installation Resources
Rich Graves
rgraves at carleton.edu
Fri Feb 10 14:09:40 EST 2017
Fred, if you really only want very simple SAML from AD to a small
number of commercial SPs, then you might be happier with Microsoft's
ADFS or even the very limited ability of Google Apps to act as a SAML
IdP. Use Shibboleth if you have more specific needs for federation,
security, stability, open standards, and flexibility.
It seems that you want a "distribution," not upstream code. That's fine.
If you prefer or can deal with Docker containerization, then you might
want to start with one of these:
https://github.com/Unicon/shibboleth-idp-dockerized
https://spaces.internet2.edu/display/TPD/Shibboleth-IdP+Virtual+Machine+Documentation
If you don't like Docker and have a specific use case, then look to
the relevant federation or user community. For example, the InCommon
Federation that would link you to the biggest US and European research
universities and their vendors has simplified step-by-step directions
for RHEL7 here:
https://spaces.internet2.edu/pages/viewpage.action?pageId=49841792
Note that InCommon is documenting a limited feature set of the
year-old version 3.2.1, which was superseded by 3.3 in November
(typically there are only a couple versions per year, and
compatibility between minor versions is pretty solid unless you do
something unusual). The upstream Shibboleth documentation is
necessarily more technical, up to date, and complicated than these
distribution-specific and federation-specific derivatives.
Shibboleth.net cannot reasonably provide "quick start" because there
are too many variables.
More information about the users
mailing list