...
Code Block |
---|
language | bash |
---|
title | Uppgradera Java version |
---|
collapse | true |
---|
|
yum remove java-1.8.0-openjdk-headless java-1.8.0-openjdk
yum install java-11-openjdk-headless java-11-openjdk
alternatives --config java
There is 2 program that provides 'java'.
Selection Command
-----------------------------------------------
*+ 1 /usr/java/jre1.8.0_151/bin/java
2 java-11-openjdk.x86_64 (/usr/lib/jvm/java-11-openjdk-11.0.7.10-4.el7_8.x86_64/bin/java)
Enter to keep the current selection[+], or type selection number: 2
|
Debian specifik
Avinstallera Java 8 och installera Java 11
...
Ladda ner den senaste version av Jetty 9.4. https://www.eclipse.org/jetty/download.html Vid skrivande stund, 9.4.31.v20200723
Code Block |
---|
|
# cd /opt/
# wget https://repo1.maven.org/maven2/org/eclipse/jetty/jetty-distribution/9.4.31.v20200723/jetty-distribution-9.4.31.v20200723.zip
# unzip jetty-distribution-9.4.31.v20200723
|
Ladda ner SWAMIDs jetty-base och packa upp. Ladda ner jetty-base-swamid.zip från HÄR
Code Block |
---|
|
# cd jetty-distribution-9.4.31.v20200723
# unzip /path/to/jetty-base-swamid.zip
|
Uppdatera jetty-base saker.... TO BE COMPLETED.
Länka om jetty till rätt distributionsmapp
Code Block |
---|
|
cd /opt
rm jetty
ln -s jetty-distribution-9.4.31.v20200723 jetty |
Uppdatera /etc/default/jetty
...
Kontrollera Jetty start script
Code Block |
---|
|
# cd /etc/init.d
# rm jetty
# ln -s /opt/jetty/bin/jetty.sh jetty |
Länka om jetty till rätt distribution mapp. Först måste du se till att Jetty är avstängd.
Code Block |
---|
|
# service jetty stop
# cd /opt
# chown -R jetty.jetty jetty-distribution-9.4.31.v20200723
# rm jetty
# ln -s jetty-distribution-9.4.31.v20200723 jetty |
Kontrollera ägarskap av /var/run/jetty mappen. Vi har sett problem med att /var/run/jetty ägs av root istället för jetty.jetty. Kontrollera att det är korrekt
Code Block |
---|
|
# ls -ld /var/run/jetty
drwxr-xr-x 2 jetty jetty 80 1 okt 21.51 /var/run/jetty/ |
Shibboleth IdP v4.X
Ladda ner och packa upp den senaste version av IdP v4. Backa upp din shibboleth-idp
Code Block |
---|
|
# cd /opt
# wget http://shibboleth.net/downloads/identity-provider/latest/shibboleth-identity-provider-4.0.1.tar.gz
# tar zxvf shibboleth-identity-provider-4.0.1.tar.gz
# cp -r shibboleth-idp shibboleth-idp.orig |
Vi har sett att det finns äldre versioner av httpcore, httpclient, commons-dbcp2, commons-pool2 under mapp /opt/shibboleth-idp/edit-webapp/WEB-INF/lib jämfört med de versioner som kommer med IdP v4. Om du har dessa jar-filer i /opt/shibboleth-idp/edit-webapp/WEB-INF/lib, tar bort dem.
MySQL Connector och HikariCP jar-filer
Om du inkluderar andra JAR filer i /opt/shibboleth-idp/edit-webapp/WEB-INF/lib såsom MySQL connector, HikariCP så är det bra att uppgradera dem till senaste version. SWAMID operations har testat med mysql-connector-java-5.1.48-bin.jar och HikariCP-3.4.5.jar.
Kör uppgradering av Shibboleth:
Code Block |
---|
|
# cd /opt
# rm shibboleth-identity-provider
# ln -s shibboleth-identity-provider-4.0.1 shibboleth-identity-provider
# cd shibboleth-identity-provider
# bin/install.sh |
Starta Jetty
Code Block |
---|
|
# service jetty start |
Kontrollera jetty loggar om någonting inte fungerar. Kontrollera sedan idp-process.log för att hitta eventuella problem med IdPn. Testa med https://release-check.swamid.seLadda
Code Block |
---|
MySQL Connector & HikariCP
===============
Ladda ner mysql-connector-java-5.1.48-bin.tar.gz från https://downloads.mysql.com/archives/c-j/
wget https://repo1.maven.org/maven2/com/zaxxer/HikariCP/3.4.5/HikariCP-3.4.5.jar
Jetty 9.4
=========
Kolla senaste 9.4 på https://www.eclipse.org/jetty/download.html
wget https://repo1.maven.org/maven2/org/eclipse/jetty/jetty-distribution/9.4.28.v20200408/jetty-distribution-9.4.28.v20200408.zip
wget https://build.shibboleth.net/nexus/service/local/repositories/releases/content/net/shibboleth/idp/idp-jetty-base/9.4.0/idp-jetty-base-9.4.0.tar.gz
cd jetty-distribution-9.4.28.v20200408
tar zxvf ../idp-jetty-base-9.4.0.tar.gz
Bygga om jetty-base med hjälp av https://wiki.shibboleth.net/confluence/display/IDP4/Jetty94
Lägga till start.d/start.ini
Uppdatera idp.ini:
jetty.sslContext.keyStorePath=../../shibboleth-idp/credentials/https.p12
jetty.sslContext.trustStorePath=../../shibboleth-idp/credentials/https.p12
passwords
jetty.ssl.port=7443
jetty.http.host=127.0.0.1
jetty.http.port=80
Uppdatera idp-backchannel.ini (om man använda)
idp.backchannel.port=8443
idp.backchannel.keyStorePath=../../shibboleth-idp/credentials/idp-backchannel.p12
passwords
Peka ut idp.war.path in idp.xml
<Set name="war"><SystemProperty name="idp.war.path" default="/opt/shibboleth/war/idp.war" /></Set>
cd ..
sudo chown -R jetty:jetty jetty-distribution-9.4.28.v20200408/
sudo rm jetty
sudo ln -s jetty-distribution-9.4.28.v20200408 jetty
Uppgradera Shibboleth
=====================
wget http://shibboleth.net/downloads/identity-provider/latest/shibboleth-identity-provider-4.0.1.tar.gz
tar zxvf shibboleth-identity-provider-4.0.1.tar.gz
cp -r shibboleth-idp shibboleth-idp.orig
*städa i /opt/shibboleth-idp/edit-webapp/WEB-INF/lib* httpcore, httpclient, commons-dbcp2, commons-pool2
*cp in Hikari och MySQL*
rm shibboleth-identity-provider
ln -s shibboleth-identity-provider-4.0.1 shibboleth-identity-provider
cd shibboleth-identity-provider
bin/install.sh
2020-09-18
NEXT:
Check database is OK with new Hikari and MySQL
Check errors in idp-warn
Fix u2f
u2f fel:
2020-06-26 15:01:49,090 - ERROR [net.shibboleth.idp.authn:-2] - Uncaught runtime exception
org.springframework.binding.expression.EvaluationException: An ELException occurred getting the value for expression 'initializeU2fRequest' on context [class org.springframework.webflow.engine.impl.RequestControlContextImpl]
at org.springframework.binding.expression.spel.SpringELExpression.getValue(SpringELExpression.java:104)
Caused by: org.springframework.expression.spel.SpelEvaluationException: EL1021E: A problem occurred whilst attempting to access the property 'initializeU2fRequest': 'Error creating bean with name 'initializeU2fRequest' defined in URL [jar:file:/opt/jetty-distribution-9.4.28.v20200408/jetty-base/tmp/jetty-0_0_0_0-7443-idp_war-_idp-any-10504452630070337846.dir/webinf/WEB-INF/lib/shibboleth-mfa-u2f-auth-1.1-SNAPSHOT.jar!/META-INF/net/shibboleth/idp/flows/authn/U2f/u2f-authn-beans.xml]: Instantiation of bean failed; nested exception is org.springframework.beans.BeanInstantiationException: Failed to instantiate [eu.stderr.shibboleth.idp.u2f.authn.impl.InitializeRequest]: Constructor threw exception; nested exception is org.codehaus.groovy.runtime.typehandling.GroovyCastException: Cannot cast object 'net.shibboleth.idp.session.context.navigate.CanonicalUsernameLookupStrategy@6937f8bb' with class 'net.shibboleth.idp.session.context.navigate.CanonicalUsernameLookupStrategy' to class 'com.google.common.base.Function''
at org.springframework.expression.spel.ast.PropertyOrFieldReference.readProperty(PropertyOrFieldReference.java:209)
Caused by: org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'initializeU2fRequest' defined in URL [jar:file:/opt/jetty-distribution-9.4.28.v20200408/jetty-base/tmp/jetty-0_0_0_0-7443-idp_war-_idp-any-10504452630070337846.dir/webinf/WEB-INF/lib/shibboleth-mfa-u2f-auth-1.1-SNAPSHOT.jar!/META-INF/net/shibboleth/idp/flows/authn/U2f/u2f-authn-beans.xml]: Instantiation of bean failed; nested exception is org.springframework.beans.BeanInstantiationException: Failed to instantiate [eu.stderr.shibboleth.idp.u2f.authn.impl.InitializeRequest]: Constructor threw exception; nested exception is org.codehaus.groovy.runtime.typehandling.GroovyCastException: Cannot cast object 'net.shibboleth.idp.session.context.navigate.CanonicalUsernameLookupStrategy@6937f8bb' with class 'net.shibboleth.idp.session.context.navigate.CanonicalUsernameLookupStrategy' to class 'com.google.common.base.Function'
at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.instantiateBean(AbstractAutowireCapableBeanFactory.java:1320)
Caused by: org.springframework.beans.BeanInstantiationException: Failed to instantiate [eu.stderr.shibboleth.idp.u2f.authn.impl.InitializeRequest]: Constructor threw exception; nested exception is org.codehaus.groovy.runtime.typehandling.GroovyCastException: Cannot cast object 'net.shibboleth.idp.session.context.navigate.CanonicalUsernameLookupStrategy@6937f8bb' with class 'net.shibboleth.idp.session.context.navigate.CanonicalUsernameLookupStrategy' to class 'com.google.common.base.Function'
at org.springframework.beans.BeanUtils.instantiateClass(BeanUtils.java:216)
Caused by: org.codehaus.groovy.runtime.typehandling.GroovyCastException: Cannot cast object 'net.shibboleth.idp.session.context.navigate.CanonicalUsernameLookupStrategy@6937f8bb' with class 'net.shibboleth.idp.session.context.navigate.CanonicalUsernameLookupStrategy' to class 'com.google.common.base.Function'
at org.codehaus.groovy.runtime.typehandling.DefaultTypeTransformation.continueCastOnSAM(DefaultTypeTransformation.java:405) |