Monday, 13 September 2010

Configuring Apache Httpd to use Josso on CentOS

Install the developer tools
- yum install httpd-devel
(apr-devel is installed as a pre-req with httpd-devel)
- yum groupinstall 'Development Tools'

Build the josso/apache httpd module
- extract josso-src/dist/agents/josso-apache22-agent-1.8.2-.tar.gz
- cd josso-apache22-agent-1.8.2
- chmod 744 makemake
- ./makemake
- chmod 744 configure
- ./configure --with-apache-include=/usr/include/httpd --with-apr-include=/usr/include/apr-1
- make
- apxs -i -a -n auth_josso mod_auth_josso/.libs/libmod_auth_josso.so

Protect web resource
- edit /etc/httpd/conf/httpd.conf and add the following inside the <Directory "/var/www/html"> block:
AuthType JOSSO
AuthName "MyApacheWeb"
Require user "user1"
Require role "role2"
GatewayLoginUrl "http://localhost:8080/josso/signon/login.do"
GatewayLogoutUrl "http://localhost:8080/josso/signon/logout.do"
GatewayEndpoint "localhost" 8080

Restart apache httpd
- service httpd restart

Check (ensure that tomcat6 is running)
- Go to http://localhost/
(Log in with user1/user1pwd)

Wednesday, 8 September 2010

Installing Josso on Tomcat 6 and CentOS 5.5

Pre-req:
- Standard CentOS install
- Commands are run as root (sudo should be used instead, provided /etc/sudoers has been edited to give the user sudo access)

Tomcat 6 Setup:
cd /etc/yum.repos.d
wget 'http://www.jpackage.org/jpackage50.repo'
rpm -Uvh 'http://plone.lucidsolutions.co.nz/linux/centos/images/jpackage-utils-compat-el5-0.0.1-1.noarch.rpm'
yum update
yum install tomcat6 tomcat6-webapps tomcat6-admin-webapps
service tomcat6 start

Josso Setup:
- Download josso-1.8.2.zip, and unzip
- From the bin directory, run ./josso-gsh
- Then, from inside the josso console, run the following commands:
gateway install --target /usr/share/tomcat6 --platform tc60
agent install --target /usr/share/tomcat6 --platform tc60
samples install --target /usr/share/tomcat6 --platform tc60
- Exit the josso console with exit
- Restart tomcat: service tomcat6 restart

Checking Josso Install:
- Go to http://localhost:8080/partnerapp/
- Click on 'login' and use 'user1' and 'user1pwd' to test

Known issues:
java.lang.RuntimeException: Outbound relaying failed. No Principal found. Verify your SSO Agent Configuration!
This happens because jaas.conf is not referenced: tomcat starts as a service, and the josso install does not update the correct file.
- Edit /etc/tomcat6/tomcat6.conf to include the following:
JAVA_OPTS="$JAVA_OPTS -Djava.security.auth.login.config=$CATALINA_HOME/conf/jaas.conf"

Using a server other than localhost
The josso install is hard-coded to use localhost.
- Edit the references to localhost in /usr/share/tomcat6/lib/josso-agent-config.xml
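
Both issues above can be checked before restarting tomcat. The following script is an added example, not part of the original post or of JOSSO; the function names are hypothetical, the default paths are the ones used in this post, and the localhost check only matters when the gateway runs on a server other than localhost.

```shell
#!/bin/sh
# Added example (not from the original post): checks for the two issues above.
# Default paths are the ones this post uses; pass others as arguments.

# Succeeds if an uncommented line passes the JAAS login config to the JVM.
check_jaas_opt() {
    grep -q -E -e '^[[:space:]]*[^#[:space:]].*-Djava\.security\.auth\.login\.config=' \
        "$1" 2>/dev/null
}

# Prints how many lines of the agent config still mention localhost.
count_localhost_refs() {
    c=$(grep -c -i -e 'localhost' "$1" 2>/dev/null) || true
    echo "${c:-0}"
}

# Runs both checks; returns non-zero if either issue is present.
josso_postcheck() {
    tomcat_conf=${1:-/etc/tomcat6/tomcat6.conf}
    agent_xml=${2:-/usr/share/tomcat6/lib/josso-agent-config.xml}
    rc=0
    if check_jaas_opt "$tomcat_conf"; then
        echo "OK   $tomcat_conf sets java.security.auth.login.config"
    else
        echo "FAIL $tomcat_conf does not set java.security.auth.login.config"
        rc=1
    fi
    if [ ! -r "$agent_xml" ]; then
        echo "FAIL cannot read $agent_xml"
        rc=1
    elif [ "$(count_localhost_refs "$agent_xml")" -gt 0 ]; then
        echo "WARN $agent_xml still references localhost:"
        grep -n -i -e 'localhost' "$agent_xml" | sed 's/^/     /'
        rc=1
    else
        echo "OK   $agent_xml has no localhost references"
    fi
    return "$rc"
}

# Usage: . ./josso_postcheck.sh && josso_postcheck
```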