Windows Installation
Please first review the information in the Shibboleth.net wiki. You can use either IIS or Apache as your web server.
An MSI installation package is available for supported Windows platforms, including tools, cache service, IIS filter, and Apache modules (compiled against the standard Apache distributions).
During installation, you will be prompted for an installation path, a local TCP port to use, and whether to install the Shibboleth service. If possible, you should use an installation path of C:\opt\shibboleth-sp and the default port. The documentation provided at this site assume this installation path, and it also provides an easy to secure location to store sensitive credentials and log files. Access to most of the installation can be restricted to Administrators and the user accounts of the Shibboleth service and web server. The TCP port is used by the web server filter to communicate with the Shibboleth service, and is normally restricted to loopback traffic only (i.e., no off-host traffic to this address should be allowed). The default port is 1600, and use of a different port requires altering the cofiguration. When prompted, you should choose to install the daemon as a Windows service. This allows you to manage the service using the Services Control Panel. After installation, you may be prompted to reboot to pick up the environment and path changes. Until you do, the service may refuse to start.
After installation, you should also be sure to configure the service to restart itself if it fails. This will prevent your web site from becoming unavailable if the service crashes. The Windows Service Control Panel allows you to configure this using the Recovery tab when you double click on a service.
Linux Installation
Linux installation is platform dependent, and you should use the appropriate section of the Shibboleth wiki to proceed. When building from source, a prefix of /opt/shibboleth-sp is recommended.
Following installation, a startup script may (or can) be placed in /etc/init.d to manage the service, which runs as a daemon process called shibd . Eventually, the script can be used to activate the service when the machine boots.
Post-Installation Tasks
Regardless of your platform, the default installation provides a set of basic configuration files. To prepare your system for use, a private key and certificate must be generated (this should be done by the installation process), and the configuration files must be modified to reflect your server's setup and your security policy and application requirements. The Windows installer performs some of the web server configuration for you if you're using IIS. Subsequent configuration depends on whether you're interested in an LSU-specific or federated deployment.
