shib-ui
Code and files for the TIER Shibboleth UI Project
This repository contains both:
- the needed artifacts to build (including auto-builds through Jenkins) a Docker image of the Shibboleth UI,
- and a "testbed" that provides the full environment one needs to explore and gain experience with the Shibboleth UI.
The Docker image of the Shibboleth UI follows the TIER Docker packaging standards, utilizing CentOS7, the Zulu JDK, supervisord, and the TIER Beacon configuration.
How To
- Install Docker. These instructions require version 17.03.1 or higher.
- TIER has the latest image for Shib UI. If for some reason you need to build your own, you can do it with something like the following:
docker build --rm -t tier/shib-idp-ui .
- And then that image could be run with something like the following:
docker run -p 8080:8080 -v {yourlocalfile}:/opt/shibui/application.properties tier/shib-idp-ui
Note that you'll almost certainly want to create a "local file" ('{yourlocalfile}' above) that contains the core application settings you want, overriding the defaults that are in the Shib UI Jar file. Your file should be mounted at the location /opt/shibui/application.properties. The current set of supported properties is documented in the Internet2 Github Shib UI repository, but is also shown at the end of this Readme.
Now that you have it running, you could access it at something like:
http://localhost:8080
If you did not set an explicit password in your local application.properties, you'll have to look through the startup "console messages" for the password generated at startup, on a line that starts with "Using generated security password:". The username is: user
Testbed environment
- There is a "testbed" environment that you can build and run that is embedded into this repository. That testbed includes the:
- Shibboleth UI,
- a Shibboleth IdP
- with a shared filesystem between the Shibboleth UI and Shibboleth IdP,
- an LDAP server as the base credential/attribute store for the IdP,
- and the TIER Maria DB image for the UI's persistent database.
To set up that testbed, you need to:
- Clone this repository:
git clone https://github.com/Internet2/shib-ui.git
- cd into test-compose/
- Run the following command:
docker-compose kill; docker-compose rm; docker-compose build && docker-compose up
You can then get started like above:
http://localhost:8080
Default Properties
This is a reflection of the default application.properties file included in the distribution. Note that lines beginning with # are commented out.
# Server Configuration
#server.port=8080
# Logging Configuration
#logging.config=classpath:log4j2.xml
logging.level.org.springframework=INFO
logging.level.edu.internet2.tier.shibboleth.admin.ui=INFO
# Database Credentials
spring.datasource.username=shibui
spring.datasource.password=shibui
# Database Configuration H2
spring.datasource.url=jdbc:h2:mem:shibui;DB_CLOSE_DELAY=-1;DB_CLOSE_ON_EXIT=FALSE
spring.datasource.platform=h2
spring.datasource.driverClassName=org.h2.Driver
spring.jpa.database-platform=org.hibernate.dialect.H2Dialect
spring.h2.console.enabled=true
# Database Configuration PostgreSQL
#spring.datasource.url=jdbc:postgresql://localhost:5432/shibui
#spring.datasource.driverClassName=org.postgresql.Driver
#spring.jpa.properties.hibernate.dialect=org.hibernate.dialect.PostgreSQLDialect
#Maria/MySQL DB
#spring.datasource.url=jdbc:mariadb://localhost:3306/shibui
#spring.datasource.driverClassName=org.mariadb.jdbc.Driver
#spring.jpa.properties.hibernate.dialect=org.hibernate.dialect.MariaDBDialect
# Liquibase properties
spring.liquibase.enabled=false
#spring.liquibase.change-log=classpath:edu/internet2/tier/shibboleth/admin/ui/database/masterchangelog.xml
# Hibernate properties
# for production never ever use create, create-drop. It's BEST to use validate
spring.jpa.hibernate.ddl-auto=update
spring.jpa.hibernate.naming.implicit-strategy=org.hibernate.boot.model.naming.ImplicitNamingStrategyJpaCompliantImpl
spring.jpa.show-sql=false
spring.jpa.properties.hibernate.format_sql=false
spring.jpa.hibernate.use-new-id-generator-mappings=true
# Set the following property to periodically write out the generated metadata files. There is no default value; the following is just an example
# shibui.metadata-dir=/opt/shibboleth-idp/metadata/generated
shibui.logout-url=/dashboard
# spring.profiles.active=default
#shibui.default-password=
#Actuator endpoints (info)
# Un-comment to get full git details exposed like author, abbreviated SHA-1, commit message
#management.info.git.mode=full
###
# metadata-providers.xml write configuration
# Set the following property to periodically write out metadata providers configuration. There is no default value; the following is just an example
# shibui.metadataProviders.target=file:/opt/shibboleth-idp/conf/shibui-metadata-providers.xml
# shibui.metadataProviders.taskRunRate=30000
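
Before mounting a local file at /opt/shibui/application.properties, it helps to check which of the defaults above would still be in effect. The script below is an added example, not part of the shib-ui repository; the function names (`default_for`, `effective`, `audit`) and the sample file are constructed, and it assumes Spring Boot's usual behaviour that any key absent from the override falls back to the packaged default.

```shell
#!/bin/sh
# Added example, not from the shib-ui repository: audit an override file against
# the packaged defaults listed under "Default Properties" (key=value lines only).

default_for() {  # packaged default for each audited key, copied from this README
    case "$1" in
        spring.datasource.password)    echo shibui ;;
        spring.h2.console.enabled)     echo true ;;
        spring.jpa.hibernate.ddl-auto) echo update ;;
    esac
}

# Effective value: last uncommented key=value in the file, else the default.
effective() {  # $1 = override file, $2 = property key
    awk -v k="$2" -v d="$(default_for "$2")" '
        /^[ \t]*[#!]/ { next }
        (i = index($0, "=")) == 0 { next }
        { key = substr($0, 1, i - 1); gsub(/^[ \t]+|[ \t]+$/, "", key) }
        key == k { d = substr($0, i + 1); gsub(/^[ \t]+|[ \t]+$/, "", d) }
        END { print d }' "$1"
}

# Print one finding per line; return 1 if anything was flagged.
audit() {  # $1 = override file
    rc=0
    if [ "$(effective "$1" spring.datasource.password)" = shibui ]; then
        echo "spring.datasource.password: still the published default"; rc=1
    fi
    if [ "$(effective "$1" spring.h2.console.enabled)" = true ]; then
        echo "spring.h2.console.enabled: H2 web console is enabled"; rc=1
    fi
    case "$(effective "$1" spring.jpa.hibernate.ddl-auto)" in
        validate) ;;
        create|create-drop)
            echo "spring.jpa.hibernate.ddl-auto: create/create-drop in use"; rc=1 ;;
        *)  echo "spring.jpa.hibernate.ddl-auto: not set to validate"; rc=1 ;;
    esac
    return $rc
}

# Constructed sample: changes the password but inherits the other two defaults.
SAMPLE=$(mktemp)
cat > "$SAMPLE" <<'EOF'
# local overrides
spring.datasource.password=Constructed-Example-Only
#spring.h2.console.enabled=false
EOF
audit "$SAMPLE" || echo "Resolve the findings above before mounting this file."
rm -f "$SAMPLE"
```

A commented-out line in the override counts as unset, which is why the sample is still flagged for the H2 console.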