This repository contains an Ansible playbook for installing a SAML identity providers based on Shibboleth-3.

It contains:

1. An example playbook migration.yml
2. Two roles as submodules
   • roles/osct.shiboleth-idp-v3 for the shibboleth-3 configuraiton
   • roles/osct.tomcat-8 for the tomcat layer configuration.
3. An example inventory inventory.hosts
4. Supporting files (images, stylesheets) in files

Short answer : don't. This repository was created just to install a server with the two roles 😄

Note: the playbook migration.yml is not suitable for re-use as-is. It merely demonstrates how to write a simple playbook to use the Shibboleth-3 role starting from an existing setup. See below for how to deplo

If you want to deploy a Shibboleth-3 Identity Provider in a Federation, take the following steps :

1. Get Ansible - http://docs.ansible.com/ansible/intro_installation.html
2. Go to your local toolbox, where you keep your playbooks and roles. (e.g. DevOps/Ansible)
3. Install the Ansible roles from Galaxy : ansible-galaxy install -p roles/ osct.shibboleth-idp-v3 (assuming that your roles are in roles subdirectory.)
4. Prepare your inventory (see inventory.hosts for an example). Note : you can add a idpv3 group and add the variables from host_vars to group_vars/idpv3.yml. See variables section below.
5. Update the inventory variables (group, or host variables), and the variables in the roles (see variables section below):
   1. roles/osct.shibboleth-idp-v3/[vars,default]/main.yml
   2. roles/osct.tomcat-8/[vars,default]/main.yml
6. Run your playbook : ansible-playbook my-migration.yml

There's not much here to see, but if you would like to discuss these roles, please open an issue on their respective repos :

1. Shib3 role
2. tomcat-8 role

See this discussion topic as well.