Binary distributions of the Shibboleth code are available.
Information on obtaining and installing binaries can be found at
http://shibboleth.internet2.edu/

This document provides details for those wishing to build from source.
The Wiki contains additional information and more up to date build
notes.

C++ Service Provider

Your first step is going to be the OpenSAML INSTALL.txt file. Please read it
thoroughly to understand the issues. All the requirements in that file
apply, mainly because you need to build OpenSAML, and almost all the
dependencies are the same. Once you reach the end of that build process and
have some confidence it worked, you can come back and continue here.

--- Apache

You'll next need to get an Apache in place. If you're building from source,
you don't have to use the "real" Apache code, or use mod_ssl. You will
however need to provide the necessary build flags during configure, or
ideally, let our configure script use your Apache's apxs script to extract
the necessary information.

Also, at a minimum, Apache needs to be built with mod_so enabled for
dynamically loading modules. If you encounter problems with crashing
or apparent module conflicts, make sure you've built Apache and any
modules with threading support and ideally as much dynamically as
possible.

Apache 1.3 does not directly support threads, but you can set the
CFLAGS variable before running configure to include the proper gcc
thread flag (usually -pthread or -pthreads, depends on your platform).

--- MySQL (optional)

The distribution now includes a cache plugin using embedded MySQL.
This plugin will be included in the build by default if the embedded MySQL
library (libmysqld.a) can be found, or if the --with-mysql option is passed
to configure. You can force exclude the plugin with the --disable-mysql option.

Many default installs of MySQL will not include the embedded library, so don't
be surprised if it's not there. Also, just as with PHP and certain other packages
that include C++, you'll need to build it with the same compiler used to build
Shibboleth.

The MySQL 4.x build is currently not clean. There are errors in several
Makefile.in files that have to corrected to get the build to work.
The patch for the pre-configure Makefile.in files in version 4.0.12 is included
in this directory as the file "mysql-4.0.12.diff", which can be applied from the
mysql-4.0.12 directory. Similar changes may be needed in other versions.

After patching, to get it to build, the --with-embedded-server option is used
with MySQL. An example build with gcc/g++ is below:

$ cd mysql-4.1.12
$ env CFLAGS="-fPIC -DPIC" CXXFLAGS="-fPIC -DPIC"
$ ./configure --prefix=/opt/mysql \
    --libexecdir='${exec_prefix}/sbin' --disable-static \
    --enable-thread-safe-client --enable-assembler --enable-local-infile \
    --with-extra-charsets=complex --with-embedded-server \
    --with-berkeley-db --with-innodb --with-raid
$ make all
$ make install

MySQL has a lot of options, so some local customization may be needed. The
command to set the compiler flags is critical on Solaris, because the flags
are needed to get a correct build of the library to link against.

--- Shibboleth

Building the Shibboleth libraries, shibd, test programs, and Apache
modules is more or less like building OpenSAML. You can get the code from
SVN and run the bootstrap script if you want, or just use a source tarball.

With the source distribution or the results of your bootstrap:

$ ./configure --prefix=/opt/shibboleth-sp --with-log4cpp=/opt/shibboleth-sp \
    --enable-apache-20 -C
$ make
$ make install

This will build the Apache 2.0 modules by extracting build settings
from apxs. You can use different options to build for other Apache
versions or specify the location of the apxs script.

To test your installation, you can run the shibtest utility, which actually
loads your configuration and attempts to obtain attributes from a Shibboleth
Attribute Authority. It's not a great tool for testing because normally you
can't query on a known principal name.

$ set LD_LIBRARY_PATH=/opt/shibboleth-sp/lib; export LD_LIBRARY_PATH
$ /opt/shibboleth-sp/bin/shibtest -h test-handle \
	-f urn:mace:shibboleth:test:nameIdentifier \
	-q  https://idp.example.org/shibboleth

The example shown uses a test principal that is specific to the InQueue
sample IdP, which is known to the SP after initial installation.
You should get some reasonably structured output back that lists some
attributes. Some warnings or errors are normal.
