Installation of Apache SSO module

All of this work is done on the WNS server

The NAPC SSO module is incompatible with Xinet WebNative Portal's php. You cannot install this on a WebNative server that also has WebNative Portal installed and configured. You will need to disable the portal-activation line in httpd.conf. Open /etc/httpd/conf/httpd.conf and search for the line that looks like this and add an ampersand character to the start of it: Include /usr/etc/portal/php/httpd22.conf.php

You only have to comment that one line out.

  1. Make sure that mod_perl is installed and enabled for Apache.
  2. Download the package
  3. Unpack it (tar xzvf ./SSO2Module.tgz)
  4. Cd into directory
  5. Run installer (./INSTALL.pl). If there are missing dependencies it will tell you what needs to be installed. NOTE: On RHEL7+ you will need to use yum to install these, some of which may not be available via yum. You will need to investigate how to install them correctly in that case. Here is the output from an example run of the installer:

    This install requires the Perl Digest::HMAC_MD5 module be installed. Use cpan to install it, like so:

    1. perl -MCPAN -e shell
     cpan> install Digest::HMAC_MD5>

    This install requires the Perl Crypt::CBC module be installed. Use cpan to install it, like so:

    2. perl -MCPAN -e shell
      cpan> install Crypt::CBC

    Installation Complete!

  6. You need to install a shared private key that must be the same on both the E6 server and WNS server.

    This file is called /usr/napc/napcsso2.key. You can create a random string in a file like so:

    echo "Some Random String" | openssl enc -aes-256-cbc -base64 | cut -c1-32 > ./napcsso2.key

    Then just sftp that file to /usr/napc/napcsso2.key on the other host.