MPASS-proxy consists of several modules for Shibboleth Identity Provider v3, providing extensions for authentication, attribute resolution and audit logging. For more information see https://github.com/Digipalvelutehdas/MPASSid-proxy
Developer information and more detailed documentation will be available in http://www.mpass.fi
Currently ansible scripts only support single server installation. All the components are installed in one server (shibboleth, httpd, MPASSid-proxy component)
RedHat/CentOS 7 server (ie. virtual machine) with root privileges. You can use the Vagrant configuration provided.
| Parameter | Description |
|---|---|
| app_root | Installation root |
| app_jetty | Jetty install path |
| app_shibbo | Shibboleth-IDP directory |
| app_jetty_base | Jetty base directory |
| mpassid_build | Temporary directory used during install |
| mpassid_data | Url for MPASSid data component |
| conf | Location for Shibboleth configuration |
| hash | Hash for encryption |
| entityID | Url for shibboleth |
| authn_flows | List of configured authentication flows |
| conf_authn | Location for authentication config |
| views | Location of configured views |
| messages | Location of configured messages |
| flows_authn | Flows configuration directory |
| sp | Shibboleth SP configuration |
$ vagrant up
If you prefer to use just the ansible scripts you can run them for example in localhost as follows:
$ sudo ansible-playbook -i "localhost," -c local mpass-proxy.yml