Plugins SAML Apache SSO moduleTuesday, November 6, 2018 4:47 AM
Installation of Apache SSO module
All of this work is done on the WNS server
The NAPC SSO module is incompatible with Xinet WebNative Portal's php. You cannot install this on a WebNative server that also has WebNative Portal installed and configured. You will need to disable the portal-activation line in httpd.conf. Open /etc/httpd/conf/httpd.conf and search for the line that looks like this and add an ampersand character to the start of it: Include /usr/etc/portal/php/httpd22.conf.php
You only have to comment that one line out.
- Make sure that mod_perl is installed and enabled for Apache.
- Download the package
- Unpack it (tar xzvf ./SSO2Module.tgz)
- Cd into directory
Run installer (./INSTALL.pl). If there are missing dependencies it will tell you what needs to be installed. NOTE: On RHEL7+ you will need to use yum to install these, some of which may not be available via yum. You will need to investigate how to install them correctly in that case. Here is the output from an example run of the installer:
This install requires the Perl Digest::HMAC_MD5 module be installed. Use cpan to install it, like so:
1. perl -MCPAN -e shell cpan> install Digest::HMAC_MD5>
This install requires the Perl Crypt::CBC module be installed. Use cpan to install it, like so:
2. perl -MCPAN -e shell cpan> install Crypt::CBC
You need to install a shared private key that must be the same on both the E6 server and WNS server.
This file is called /usr/napc/napcsso2.key. You can create a random string in a file like so:
echo "Some Random String" | openssl enc -aes-256-cbc -base64 | cut -c1-32 > ./napcsso2.key
Then just sftp that file to /usr/napc/napcsso2.key on the other host.