* Andy Swiffin <[log in to unmask]> [2009-07-06 14:38]:
> I'm cutting my teeth on the 2.1 IdP install and trying to work out
> how best to slot it in to the existing installation.
The IdPApacheTestShibCookbook wiki page still has examples for using
Apache httpd, and a complete config snipplet attached:
https://spaces.internet2.edu/download/attachments/5557/shib2idpbeta-apache.conf?version=3
> In httpd.conf I understand that you now have ProxyPass /idp/ ajp://127.0.0.1:8009/idp/ ?
If that is the context you run the IdP in, yes.
> In http-ssl.conf do you still have the
>
> <VirtualHost _default_:8443>
> ...
>
> section? If so, does it still have a section:
Yes (in ssl.conf or elsewhere).
> <Location /shibboleth/AA>
> SSLOptions +StdEnvVars +ExportCertData
> </Location
>
> I'm assuming not, that this will be different?
No. Besides the SSL Options and refering to the key pair the IdP
generated for you (or you configured the IdP to use) you just need the
same ProxyPass directive as you have on your port 443 SSL vhost.
> <VirtualHost _default_:8443>
> ... certificates etc
>
> <Location /idp>Allow from all SSLOptions +StdEnvVars +ExportCertData
> SSLVerifyClient optional_no_ca SSLVerifyDepth 10 </Location>
> <Proxy ajp://localhost:8009/idp/*> Allow from all </Proxy>
> ProxyPass /idp/ ajp://localhost:8009/idp/
> </VirtualHost>
>
> Would do the trick?
Looks pretty much identical to the above config (which works fine).
cheers,
-peter
--
[log in to unmask] - vienna university computer center
Universitaetsstrasse 7, A-1010 Wien, Austria/Europe
Tel. +43-1-4277-14155, Fax. +43-1-4277-9140
|