Installation process for autethenticator-simulator

Sources & binaries

Authentication Simulator is an open-source project under Apache License Version 2.0 (https://gazelle.ihe.net/content/license). Sources are available via Subversion at https://svn.ihe-europe.net/gazelle/Maven/simulators/authentication-simulator/.

The latest public packaged release can be downloaded from our Nexus repository https://gazelle.ihe.net/nexus/index.html#nexus-search;quick~authentication-simulator-ear (search for authentication-simulator-X.X.X.ear) for Authentication Simulator and https://gazelle.ihe.net/nexus/index.html#nexus-search;quick~idp-adapter-ear (search for idp-adapte-X.X.X.ear) for the IDP Adapter.

If you need for any reason a more recent version (hotfix, experimental featureā€¦), the public packaged application of our development trunk can be found at https://gazelle.ihe.net/jenkins/job/authentication-simulator/ws/authentication-simulator-ear/target/authentication-simulator.ear. This package can be unstable. The IDP Adapter ear can be found in the same directory.

Installation

If you are installing a Gazelle tool for the first time in your environment, make sure to read carefully the general considerations for JBoss7

Database creation

Your database must have a user gazelle :

  1. Connect to your database
psql -U gazelle
  1. Execute the SQL statement to create the database.
CREATE DATABASE "authentication-simulator" OWNER gazelle ENCODING 'UTF8' ;

Deployment

To deploy Authentication :

  1. Download the ear file from our Nexus repository

  2. Paste the archive authentication-simulator.ear in the JBoss deployment directory ${JBOSS7\_HOME}/standalone/deployments/

  3. Display JBoss server logs, start JBoss and wait for ear deployment.

  4. The application can be browsed at http://yourserver/authentication-simulator Port could also be different whether you have modified the JBoss server configurations or not.

Authentication Simulator needs an another ear to parse the shibboleth logs. This ear does not need a database, just put the ear in a jboss. This ear needs to be installed in the same machine as Shibboleth IDP but not necessarily in the same machine as Authentication Simulator.

Application configuration

  1. Download the SQL scripts archive from our Nexus repository https://gazelle.ihe.net/nexus/index.html#nexus-search;quick~authentication-simulator-ear (search for authentication-simulator-X.X.X-sql.zip)

  2. Unzip the archive

  3. Edit the application_url value in init.sql. You might also want to edit application_works_without_cas and the idp_adapter_wsdl_endpoint configurations.

  4. From the bash, update the application configuration by running :

psql -U gazelle authentication-simulator < init.sql

Installation process for ch-idp-renewal

Sources & binaries

ch-idp-renewal is an open-source project under Apache License Version 2.0 (https://gazelle.ihe.net/content/license). Sources are available via Gitlab at https://gitlab.inria.fr/gazelle/specific-tools/epr/idp-renewal/.

The latest public packaged release can be downloaded from our Nexus repository https://gazelle.ihe.net/nexus/index.html#nexus-search;quick~ch-idp-renewal (search for ch-idp-renewal-X.X.X.war)

Installation

If you are installing a Gazelle tool for the first time in your environment, make sure to read carefully the general considerations for Wildfly26

Configuration

In the saml metadata file of the SUT (by default in /opt/shibboleth-idp/metadata/), add the following AssertionConsumerService:

<AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:PAOS" Location="https://sp-clone.ihe-europe.net/Shibboleth.sso/SAML2/ECP" index="3"/>

In the same file, in the <SPSSODescriptor> element, change the AuthnRequestsSigned to false instead of true if present.

Deployment

To deploy Authentication :

  1. Download the war file from our Nexus repository

  2. Paste the archive ch-idp-renewal-X.X.X.war in the JBoss deployment directory ${WILDFLY26\_HOME}/standalone/deployments/

  3. Display JBoss server logs, start JBoss and wait for war deployment.

  4. The application can be browsed at http(s)://yourServer/ch-idp-renewal/ws-trust?wsdl Port could also be different whether you have modified the Wildfly server configurations or not.