Gitlab will migrate to a new storage backend starting 0300 UTC on 2020-04-04. We do not anticipate a maintenance window for this migration. Performance may be impacted over the weekend. Thanks for your patience.

Commit 79c9cdf4 authored by GraceDB's avatar GraceDB

Add shibboleth discovery service

parent c606d29a
This diff is collapsed.
#
# Note: Changes made here should be reflected in the windows .bat file at src/build.bat
#
INSTALL=/usr/bin/install
JAVA=java
TAR=tar
ZIP=zip
TARGET=shibboleth-embedded-ds-1.2.0
prefix=
sysconfdir=${prefix}/etc
all:
install: index.html
${INSTALL} -d $(DESTDIR)${sysconfdir}/shibboleth-ds
${INSTALL} -m 644 *.txt *.html *.css *.gif *.js *.conf $(DESTDIR)${sysconfdir}/shibboleth-ds
clean:
rm -rf ${TARGET}
kit: clean
mkdir ${TARGET}
mkdir ${TARGET}/nonminimised
cat src/javascript/idpselect_languages.js src/javascript/typeahead.js src/javascript/idpselect.js | ${JAVA} -jar build/yuicompressor-2.4.8.jar -o ${TARGET}/idpselect.js --type js
cp Makefile shibboleth-embedded-ds.spec LICENSE.txt doc/*.txt src/resources/index.html src/resources/idpselect.css src/resources/blank.gif src/javascript/idpselect_config.js src/apache/*.conf ${TARGET}
cp src/javascript/*.js ${TARGET}/nonminimised
dist: kit
${TAR} czf ${TARGET}.tar.gz ${TARGET}/*
${ZIP} ${TARGET}.zip ${TARGET}/*
rm -rf ${TARGET}
Welcome to the Shibboleth Embedded Discovery Service.
Shibboleth is a federated web authentication and attribute exchange
system based on SAML. The Embedded Discovery Service allows anyone
running a suitable SP to quickly and easily deploy IdP discovery.
For full instructions on installation and deployment please read:
https://wiki.shibboleth.net/confluence/display/EDS10
INSTALLED FILES.
================
The following files will be installed, please consult the documentation
for more details.
index.html - An example file showing how to embed the EDS into a
standard webpage.
idpselect.js - The minified sources for the EDS. DO NOT EDIT THIS FILE
since it will be updated by future releases.
idpselect_config.js - Configuration. Edit this file according to the
documentation (cited above).
idpselect.css - CSS for the EDS. You may wish to edit this file.
README.TXT - This file
RELEASE-NOTES.TXT - The list of bugs fixed in this and previous releases.
FURTHER DETAILS.
================
Shibboleth is licensed under the Apache 2.0 license which is provided in the
LICENSE.txt file.
Shibboleth Project Site:
http://shibboleth.internet2.edu/
Shibboleth Documentation Site:
https://wiki.shibboleth.net/confluence/display/SHIB2/Home
Source and binary distributions
http://www.shibboleth.net/downloads/
Bug Tracker:
https://issues.shibboleth.net/
Other sources:
This tools embeds the JSON parsing tool from https://github.com/douglascrockford/JSON-js
The build process uses the yui compressor (http://developer.yahoo.com/yui/compressor/)
See https://issues.shibboleth.net/jira/projects/EDS
/* Top level is idpSelectIdPSelector */
#idpSelectIdPSelector
{
width: 512px;
text-align: left;
background-color: #FFFFFF;
border: 2px #A40000 solid;
padding: 10px;
}
/* Next down are the idpSelectPreferredIdPTile, idpSelectIdPEntryTile & idpSelectIdPListTile */
/**
* The preferred IdP tile (if present) has a specified height, so
* we can fit the preselected * IdPs in there
*/
#idpSelectPreferredIdPTile
{
height:138px; /* Force the height so that the selector box
* goes below when there is only one preslect
*/
}
#idpSelectPreferredIdPTileNoImg
{
height:60px;
}
/***
* The preselect buttons
*/
div.IdPSelectPreferredIdPButton
{
margin: 3px;
width: 120px; /* Make absolute because 3 of these must fit inside
div.IdPSelect{width} with not much each side. */
float: left;
}
/*
* Make the entire box look like a hyperlink
*/
div.IdPSelectPreferredIdPButton a
{
float: left;
width: 99%; /* Need a specified width otherwise we'll fit
the contents which we don't want because
they have auto margins */
}
div.IdPSelectTextDiv{
height: 3.5ex; /* Add some height to separate the text from the boxes */
font-size: 15px;
clear: left;
}
div.IdPSelectPreferredIdPImg
{
/* max-width: 95%; */
height: 69px; /* We need the absolute height to force all buttons to the same size */
margin: 2px;
}
img.IdPSelectIdPImg {
width:auto;
}
div.IdPSelectautoDispatchTile {
display: block;
}
div.IdPSelectautoDispatchArea {
margin-top: 30px ;
}
div.IdPSelectPreferredIdPButton img
{
display: block; /* Block display to allow auto centring */
max-width: 114px; /* Specify max to allow scaling, percent does work */
max-height: 64px; /* Specify max to allow scaling, percent doesn't work */
margin-top: 3px ;
margin-bottom: 3px ;
border: solid 0px #000000; /* Strip any embellishments the brower may give us */
margin-left: auto; /* Auto centring */
margin-right: auto; /* Auto centring */
}
div.IdPSelectPreferredIdPButton div.IdPSelectTextDiv
{
text-align: center;
font-size: 12px;
font-weight: normal;
max-width: 95%;
height: 30px; /* Specify max height to allow two lines. The
* Javascript controlls the max length of the
* strings
*/
}
/*
* Force the size of the selectors and the buttons
*/
#idpSelectInput, #idpSelectSelector
{
width: 80%;
}
/*
* For some reason a <select> width includes the border and an
* <input> doesn't hence we have to force a margin onto the <select>
*/
#idpSelectSelector
{
margin-left: 2px;
margin-right: 2px;
}
#idpSelectSelectButton, #idpSelectListButton
{
margin-left: 5px;
width: 16%;
}
#idpSelectSelectButton
{
padding-left: 2px;
padding-right: 2px;
}
/*
* change underlining of HREFS
*/
#idpSelectIdPSelector a:link
{
text-decoration: none;
}
#idpSelectIdPSelector a:visited
{
text-decoration: none;
}
#idpSelectIdPSelector a:hover
{
text-decoration: underline;
}
/*
* Arrange to have the dropdown/list aref on the left and the
* help button on the right
*/
a.IdPSelectDropDownToggle
{
display: inline-block;
width: 80%;
}
a.IdPSelectHelpButton
{
display: inline-block;
text-align: right;
width: 20%;
}
/**
* Drop down (incremental search) stuff - see the associated javascript for reference
*/
ul.IdPSelectDropDown {
-moz-box-sizing: border-box;
font-family: Verdana, Arial, Helvetica, sans-serif;
font-size: small;
box-sizing: border-box;
list-style: none;
padding-left: 0px;
border: 1px solid black;
z-index: 6;
position: absolute;
}
ul.IdPSelectDropDown li {
background-color: white;
cursor: default;
padding: 0px 3px;
}
ul.IdPSelectDropDown li.IdPSelectCurrent {
background-color: #3366cc;
color: white;
}
/* Legacy */
div.IdPSelectDropDown {
-moz-box-sizing: border-box;
font-family: Verdana, Arial, Helvetica, sans-serif;
font-size: small;
box-sizing: border-box;
border: 1px solid black;
z-index: 6;
position: absolute;
}
div.IdPSelectDropDown div {
background-color: white;
cursor: default;
padding: 0px 3px;
}
div.IdPSelectDropDown div.IdPSelectCurrent {
background-color: #3366cc;
color: white;
}
/* END */
This diff is collapsed.
/** @class IdP Selector UI */
function IdPSelectUIParms(){
//
// Adjust the following to fit into your local configuration
//
this.alwaysShow = true; // If true, this will show results as soon as you start typing
this.dataSource = '/Shibboleth.sso/DiscoFeed'; // Where to get the data from
this.defaultLanguage = 'en'; // Language to use if the browser local doesnt have a bundle
this.defaultLogo = 'blank.gif'; // Replace with your own logo
this.defaultLogoWidth = 1;
this.defaultLogoHeight = 1 ;
this.defaultReturn = null; // If non null, then the default place to send users who are not
// Approaching via the Discovery Protocol for example
//this.defaultReturn = "https://example.org/Shibboleth.sso/DS?SAMLDS=1&target=https://example.org/secure";
this.defaultReturnIDParam = null;
this.helpURL = 'https://wiki.shibboleth.net/confluence/display/SHIB2/DiscoveryService'
//this.helpURL = 'https://wiki.shibboleth.net/confluence/display/SHIB2/DSRoadmap';
this.ie6Hack = null; // An array of structures to disable when drawing the pull down (needed to
// handle the ie6 z axis problem
this.insertAtDiv = 'idpSelect'; // The div where we will insert the data
this.maxResults = 10; // How many results to show at once or the number at which to
// start showing if alwaysShow is false
this.myEntityID = null; // If non null then this string must match the string provided in the DS parms
this.preferredIdP = ['https://login.ligo.org/idp/shibboleth', 'https://login2.ligo.org/idp/shibboleth', 'https://google.cirrusidentity.com/gateway'];
this.hiddenIdPs = null; // Array of entityIds to delete
this.ignoreKeywords = false; // Do we ignore the <mdui:Keywords/> when looking for candidates
this.showListFirst = false; // Do we start with a list of IdPs or just the dropdown
this.samlIdPCookieTTL = 730; // in days
this.setFocusTextBox = true; // Set to false to supress focus
this.testGUI = false;
this.autoFollowCookie = null; // If you want auto-dispatch, set this to the cookie name to use
this.autoFollowCookieTTLs = [ 1, 60, 270 ]; // Cookie life (in days). Changing this requires changes to idp_select_languages
//
// Language support.
//
// The minified source provides "en", "de", "pt-br" and "jp".
//
// Override any of these below, or provide your own language
//
//this.langBundles = {
//'en': {
// 'fatal.divMissing': '<div> specified as "insertAtDiv" could not be located in the HTML',
// 'fatal.noXMLHttpRequest': 'Browser does not support XMLHttpRequest, unable to load IdP selection data',
// 'fatal.wrongProtocol' : 'Policy supplied to DS was not "urn:oasis:names:tc:SAML:profiles:SSO:idpdiscovery-protocol:single"',
// 'fatal.wrongEntityId' : 'entityId supplied by SP did not match configuration',
// 'fatal.noData' : 'Metadata download returned no data',
// 'fatal.loadFailed': 'Failed to download metadata from ',
// 'fatal.noparms' : 'No parameters to discovery session and no defaultReturn parameter configured',
// 'fatal.noReturnURL' : "No URL return parameter provided",
// 'fatal.badProtocol' : "Return request must start with https:// or http://",
// 'idpPreferred.label': 'Use a suggested selection:',
// 'idpEntry.label': 'Or enter your organization\'s name',
// 'idpEntry.NoPreferred.label': 'Enter your organization\'s name',
// 'idpList.label': 'Or select your organization from the list below',
// 'idpList.NoPreferred.label': 'Select your organization from the list below',
// 'idpList.defaultOptionLabel': 'Please select your organization...',
// 'idpList.showList' : 'Allow me to pick from a list',
// 'idpList.showSearch' : 'Allow me to specify the site',
// 'submitButton.label': 'Continue',
// 'helpText': 'Help',
// 'defaultLogoAlt' : 'DefaultLogo'
//}
//};
//
// The following should not be changed without changes to the css. Consider them as mandatory defaults
//
this.maxPreferredIdPs = 4;
this.maxIdPCharsButton = 33;
this.maxIdPCharsDropDown = 58;
this.maxIdPCharsAltTxt = 60;
this.minWidth = 20;
this.minHeight = 20;
this.maxWidth = 115;
this.maxHeight = 69;
this.bestRatio = Math.log(80 / 60);
}
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd">
<html lang="en">
<head>
<title>IDP select test bed</title>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-5" />
<link rel="stylesheet" type="text/css" href="idpselect.css" />
</head>
<body>
<div id="idpSelect"></div>
<script src="idpselect_config.js" type="text/javascript" language="javascript"></script>
<script src="idpselect.js" type="text/javascript" language="javascript"></script>
<noscript>
<!-- If you need to care about non javascript browsers you will need to
generate a hyperlink to a non-js DS.
To build you will need:
- URL: The base URL of the DS you use
- EI: Your entityId, URLencoded. You can get this from the line that
this page is called with.
- RET: Your return address dlib-adidp.ucs.ed.ac.uk. Again you can get
this from the page this is called with, but beware of the
target%3Dcookie%253A5269905f bit..
< href=${URL}?entityID=${EI}&return=${RET}
-->
Your Browser does not support javascript. Please use
<a href="http://federation.org/DS/DS?entityID=https%3A%2F%2FyourentityId.edu.edu%2Fshibboleth&return=https%3A%2F%2Fyourreturn.edu%2FShibboleth.sso%2FDS%3FSAMLDS%3D1%26target%3Dhttps%3A%2F%2Fyourreturn.edu%2F">this link</a>.
</noscript>
</body>
</html>
This diff is collapsed.
/** @class IdP Selector UI */
function IdPSelectUIParms(){
//
// Adjust the following to fit into your local configuration
//
this.alwaysShow = true; // If true, this will show results as soon as you start typing
this.dataSource = '/Shibboleth.sso/DiscoFeed'; // Where to get the data from
this.defaultLanguage = 'en'; // Language to use if the browser local doesnt have a bundle
this.defaultLogo = 'blank.gif'; // Replace with your own logo
this.defaultLogoWidth = 1;
this.defaultLogoHeight = 1 ;
this.defaultReturn = null; // If non null, then the default place to send users who are not
// Approaching via the Discovery Protocol for example
//this.defaultReturn = "https://example.org/Shibboleth.sso/DS?SAMLDS=1&target=https://example.org/secure";
this.defaultReturnIDParam = null;
this.helpURL = 'https://wiki.shibboleth.net/confluence/display/SHIB2/DSRoadmap';
this.ie6Hack = null; // An array of structures to disable when drawing the pull down (needed to
// handle the ie6 z axis problem
this.insertAtDiv = 'idpSelect'; // The div where we will insert the data
this.maxResults = 10; // How many results to show at once or the number at which to
// start showing if alwaysShow is false
this.myEntityID = null; // If non null then this string must match the string provided in the DS parms
this.preferredIdP = null; // Array of entityIds to always show
this.hiddenIdPs = null; // Array of entityIds to delete
this.ignoreKeywords = false; // Do we ignore the <mdui:Keywords/> when looking for candidates
this.showListFirst = false; // Do we start with a list of IdPs or just the dropdown
this.samlIdPCookieTTL = 730; // in days
this.setFocusTextBox = true; // Set to false to supress focus
this.testGUI = false;
this.autoFollowCookie = null; // If you want auto-dispatch, set this to the cookie name to use
this.autoFollowCookieTTLs = [ 1, 60, 270 ]; // Cookie life (in days). Changing this requires changes to idp_select_languages
//
// Language support.
//
// The minified source provides "en", "de", "pt-br" and "jp".
//
// Override any of these below, or provide your own language
//
//this.langBundles = {
//'en': {
// 'fatal.divMissing': '<div> specified as "insertAtDiv" could not be located in the HTML',
// 'fatal.noXMLHttpRequest': 'Browser does not support XMLHttpRequest, unable to load IdP selection data',
// 'fatal.wrongProtocol' : 'Policy supplied to DS was not "urn:oasis:names:tc:SAML:profiles:SSO:idpdiscovery-protocol:single"',
// 'fatal.wrongEntityId' : 'entityId supplied by SP did not match configuration',
// 'fatal.noData' : 'Metadata download returned no data',
// 'fatal.loadFailed': 'Failed to download metadata from ',
// 'fatal.noparms' : 'No parameters to discovery session and no defaultReturn parameter configured',
// 'fatal.noReturnURL' : "No URL return parameter provided",
// 'fatal.badProtocol' : "Return request must start with https:// or http://",
// 'idpPreferred.label': 'Use a suggested selection:',
// 'idpEntry.label': 'Or enter your organization\'s name',
// 'idpEntry.NoPreferred.label': 'Enter your organization\'s name',
// 'idpList.label': 'Or select your organization from the list below',
// 'idpList.NoPreferred.label': 'Select your organization from the list below',
// 'idpList.defaultOptionLabel': 'Please select your organization...',
// 'idpList.showList' : 'Allow me to pick from a list',
// 'idpList.showSearch' : 'Allow me to specify the site',
// 'submitButton.label': 'Continue',
// 'helpText': 'Help',
// 'defaultLogoAlt' : 'DefaultLogo'
//}
//};
//
// The following should not be changed without changes to the css. Consider them as mandatory defaults
//
this.maxPreferredIdPs = 3;
this.maxIdPCharsButton = 33;
this.maxIdPCharsDropDown = 58;
this.maxIdPCharsAltTxt = 60;
this.minWidth = 20;
this.minHeight = 20;
this.maxWidth = 115;
this.maxHeight = 69;
this.bestRatio = Math.log(80 / 60);
}
/** @class IdP Selector UI */
function IdPSelectLanguages(){
//
// Globalization stuff
//
this.langBundles = {
'en': {
'fatal.divMissing': '<div> specified as "insertAtDiv" could not be located in the HTML',
'fatal.noXMLHttpRequest': 'Browser does not support XMLHttpRequest, unable to load IdP selection data',
'fatal.wrongProtocol' : 'Policy supplied to DS was not "urn:oasis:names:tc:SAML:profiles:SSO:idpdiscovery-protocol:single"',
'fatal.wrongEntityId' : 'entityId supplied by SP did not match configuration',
'fatal.noData' : 'Metadata download returned no data',
'fatal.loadFailed': 'Failed to download metadata from ',
'fatal.noparms' : 'No parameters to discovery session and no defaultReturn parameter configured',
'fatal.noReturnURL' : "No URL return parameter provided",
'fatal.badProtocol' : "Return request must start with https:// or http://",
'idpPreferred.label': 'Use a suggested selection:',
'idpEntry.label': 'Or enter your organization\'s name',
'idpEntry.NoPreferred.label': 'Enter your organization\'s name',
'idpList.label': 'Or select your organization from the list below',
'idpList.NoPreferred.label': 'Select your organization from the list below',
'idpList.defaultOptionLabel': 'Please select your organization...',
'idpList.showList' : 'Allow me to pick from a list',
'idpList.showSearch' : 'Allow me to specify the site',
'submitButton.label': 'Continue',
'helpText': 'Help',
'defaultLogoAlt' : 'DefaultLogo',
'autoFollow.message' : 'Always follows this selection',
'autoFollow.never' : 'Never',
'autoFollow.time0' : 'One day',
'autoFollow.time1' : '3 months',
'autoFollow.time2' : '9 months'
},
'de': {
'fatal.divMissing': 'Das notwendige Div Element fehlt',
'fatal.noXMLHttpRequest': 'Ihr Webbrowser unterst\u00fctzt keine XMLHttpRequests, IdP-Auswahl kann nicht geladen werden',
'fatal.wrongProtocol' : 'DS bekam eine andere Policy als "urn:oasis:names:tc:SAML:profiles:SSO:idpdiscovery-protocol:single"',
'fatal.wrongEntityId' : 'Die entityId ist nicht korrekt',
'fatal.loadFailed': 'Metadaten konnten nicht heruntergeladen werden: ',
'fatal.noparms' : 'Parameter f\u00fcr das Discovery Service oder \'defaultReturn\' fehlen',
'fatal.noReturnURL' : "URL return Parmeter fehlt",
'fatal.badProtocol' : "return Request muss mit https:// oder http:// beginnen",
'idpPreferred.label': 'Vorherige Auswahl:',
'idpEntry.label': 'Oder geben Sie den Namen (oder Teile davon) an:',
'idpEntry.NoPreferred.label': 'Namen (oder Teile davon) der Institution angeben:',
'idpList.label': 'Oder w\u00e4hlen Sie Ihre Institution aus einer Liste:',
'idpList.NoPreferred.label': 'Institution aus folgender Liste w\u00e4hlen:',
'idpList.defaultOptionLabel': 'W\u00e4hlen Sie Ihre Institution aus...',
'idpList.showList' : 'Institution aus einer Liste w\u00e4hlen',
'idpList.showSearch' : 'Institution selbst angeben',
'submitButton.label': 'OK',
'helpText': 'Hilfe',
'defaultLogoAlt' : 'Standard logo'
},
'ja': {
'fatal.divMissing': '"insertAtDiv" の ID を持つ <div> が HTML 中に存在しません',
'fatal.noXMLHttpRequest': 'ブラウザが XMLHttpRequest をサポートしていないので IdP 情報を取得できません',
'fatal.wrongProtocol' : 'DSへ渡された Policy パラメータが "urn:oasis:names:tc:SAML:profiles:SSO:idpdiscovery-protocol:single" ではありません',
'fatal.wrongEntityId' : 'SP から渡された entityId が設定値と異なります',
'fatal.noData' : 'メタデータが空です',
'fatal.loadFailed': '次の URL からメタデータをダウンロードできませんでした: ',
'fatal.noparms' : 'DSにパラメータが渡されておらず defaultReturn も設定されていません',
'fatal.noReturnURL' : "戻り URL が指定されていません",
'fatal.badProtocol' : "戻り URL は https:// か http:// で始まらなければなりません",
'idpPreferred.label': '選択候補の IdP:',
'idpEntry.label': 'もしくはあなたの所属機関名を入力してください',
'idpEntry.NoPreferred.label': 'あなたの所属機関名を入力してください',
'idpList.label': 'もしくはあなたの所属機関を選択してください',
'idpList.NoPreferred.label': 'あなたの所属機関を一覧から選択してください',
'idpList.defaultOptionLabel': '所属機関を選択してください...',
'idpList.showList' : '一覧から選択する',
'idpList.showSearch' : '機関名を入力する',
'submitButton.label': '選択',
'autoFollow.message' : '次の期間選択した機関に自動的に遷移する:',
'autoFollow.never' : '自動遷移しない',
'autoFollow.time0' : '1日',
'autoFollow.time1' : '3か月',
'autoFollow.time2' : '9か月',
'helpText': 'Help',
'defaultLogoAlt' : 'DefaultLogo'
},
'pt-br': {
'fatal.divMissing': 'A tag <div> com "insertAtDiv" não foi encontrada no arquivo HTML',
'fatal.noXMLHttpRequest': 'Seu navegador não suporta "XMLHttpRequest", impossível de carregador os dados do IdP selecionado',
'fatal.wrongProtocol' : 'A política "Policy" fornecida para o DS não foi "urn:oasis:names:tc:SAML:profiles:SSO:idpdiscovery-protocol:single"',
'fatal.wrongEntityId' : 'entityId oferecido pelo SP não confere com o da configuração',
'fatal.noData' : 'O arquivo de metadados não retornou nada;',
'fatal.loadFailed': 'Falhou ao realizar download do metadado de ',
'fatal.noparms' : 'Sem parâmetros para sessão de descoberta e sem parâmetro "defaultReturn" configurado',
'fatal.noReturnURL' : "Não foi definida um endereço (URL) de retorno no parâmetro",
'fatal.badProtocol' : "Retorno do endereço requisitado deve começar com https:// ou http://",
'idpPreferred.label': 'Use estas Instituições sugeridas: ',
'idpEntry.label': 'Ou informe o nome da sua Instituição',
'idpEntry.NoPreferred.label': 'Informe o nome da sua Instituição',
'idpList.label': 'Ou selecione sua Instituição através da lista abaixo',
'idpList.NoPreferred.label': 'Selecione sua Instituição através da lista abaixo',
'idpList.defaultOptionLabel': 'Por favor, selecione sua Instituição: ',
'idpList.showList' : 'Permitir que eu escolha um IdP através de uma lista',
'idpList.showSearch' : 'Permitir que eu especifique o IdP',
'submitButton.label': 'Continuar ',
'helpText': 'Ajuda',
'defaultLogoAlt' : 'Logo padrão'
}
};
}
This diff is collapsed.
This diff is collapsed.
# Basic Apache configuration
<IfModule mod_alias.c>
<Location /shibboleth-ds>
Allow from all
<IfModule mod_shib.c>
AuthType shibboleth
ShibRequestSetting requireSession false
require shibboleth
</IfModule>
</Location>
Alias /shibboleth-ds/idpselect_config.js /etc/shibboleth-ds/idpselect_config.js
Alias /shibboleth-ds/idpselect.js /etc/shibboleth-ds/idpselect.js
Alias /shibboleth-ds/idpselect.css /etc/shibboleth-ds/idpselect.css
Alias /shibboleth-ds/index.html /etc/shibboleth-ds/index.html
Alias /shibboleth-ds/blank.gif /etc/shibboleth-ds/blank.gif
</IfModule>
Name: shibboleth-embedded-ds
Version: 1.2.0
Release: 1
Summary: Client-side federation discovery service for SAML-based SSO
Group: Productivity/Networking/Security
Vendor: Shibboleth Consortium
License: Apache-2.0
URL: http://shibboleth.net/
Source: %{name}-%{version}.tar.gz
BuildArch: noarch
BuildRoot: %{_tmppath}/%{name}-%{version}-root
%if "%{_vendor}" == "redhat"
BuildRequires: redhat-rpm-config
%{!?_without_builtinapache:BuildRequires: httpd}
%endif
%if "%{_vendor}" == "suse"
%{!?_without_builtinapache:BuildRequires: apache2}
%endif
%description
The Embedded Discovery Service is a JS/CSS/HTML-based tool for
identity provider selection in conjunction with SAML-based web
single sign-on implementations such as Shibboleth.
%prep
%setup -q
%build
%install
%{__make} install DESTDIR=$RPM_BUILD_ROOT
# Plug the DS into the built-in Apache on a recognized system.
touch rpm.filelist
APACHE_CONFIG="shibboleth-ds.conf"
%{?_without_builtinapache:APACHE_CONFIG="no"}
if [ "$APACHE_CONFIG" != "no" ] ; then
APACHE_CONFD="no"
if [ -d %{_sysconfdir}/httpd/conf.d ] ; then
APACHE_CONFD="%{_sysconfdir}/httpd/conf.d"
fi
if [ -d %{_sysconfdir}/apache2/conf.d ] ; then
APACHE_CONFD="%{_sysconfdir}/apache2/conf.d"
fi
if [ "$APACHE_CONFD" != "no" ] ; then
%{__mkdir} -p $RPM_BUILD_ROOT$APACHE_CONFD
%{__cp} -p $RPM_BUILD_ROOT%{_sysconfdir}/shibboleth-ds/$APACHE_CONFIG $RPM_BUILD_ROOT$APACHE_CONFD/$APACHE_CONFIG
echo "%config(noreplace) $APACHE_CONFD/$APACHE_CONFIG" > rpm.filelist
fi
fi
%clean
[ "$RPM_BUILD_ROOT" != "/" ] && %{__rm} -rf $RPM_BUILD_ROOT
%post
%if "%{_vendor}" == "redhat"
# On upgrade, restart components if they're already running.
if [ "$1" -gt "1" ] ; then
%{!?_without_builtinapache:/sbin/service httpd status 1>/dev/null && /sbin/service httpd restart 1>/dev/null}
exit 0
fi
%endif
%preun
%if "%{_vendor}" == "redhat"
if [ "$1" = 0 ] ; then
%{!?_without_builtinapache:/sbin/service httpd status 1>/dev/null && /sbin/service httpd restart 1>/dev/null}
fi
%endif
%if "%{_vendor}" == "suse"
if [ "$1" = 0 ] ; then
%{!?_without_builtinapache:/sbin/service apache2 status 1>/dev/null && /sbin/service apache2 restart 1>/dev/null}
fi
%endif
exit 0
%postun