...
Java : nous recommandons l'usage d'openjdk
pour la partie serveur les versions 8 ou 11 ou 17 (généralement présentes dans les distributions) conviennent,
pour la partie cliente vous pouvez utiliser openjdk et openjfx en version 11 ou 1217.
Maven (dernière version 3.0.x) : le mieux est de l'installer via le système de paquets de votre linux - http://maven.apache.org/download.cgi
Postgresql : le mieux est de l'installer via le système de paquets de votre linux.
Tomcat 8 : .5 ou 9 (Tomcat 10 n'est pas supporté) : https://tomcat.apache.org/download-8090.cgi
Apache + libapache2-mod-shib2
Git
...
Bloc de code | ||||
---|---|---|---|---|
| ||||
a2enmod rewrite a2enmod ssl a2enmod proxy_ajp a2enmod proxy_http a2enmod shib2shib |
Créer un fichier de configuration pour le VirtualHost esup-sgc.univ-ville.fr /etc/apache2/sites-available/esup-sgc.univ-ville.fr.conf
...
Bloc de code | ||||
---|---|---|---|---|
| ||||
<VirtualHost *:80>
ServerName esup-sgc.univ-ville.fr
ServerAdmin webmaster@univ-ville.fr
DocumentRoot /var/www/html
ErrorLog ${APACHE_LOG_DIR}/error.log
CustomLog ${APACHE_LOG_DIR}/access.log combined
RewriteEngine On
RewriteCond %{REQUEST_METHOD} ^(TRACE|TRACK)
RewriteRule .* - [F]
RewriteRule ^/(.*)$ https://esup-sgc.univ-ville.fr/$1 [L,R]
</VirtualHost>
<VirtualHost *:443>
ServerName esup-sgc.univ-ville.fr
ServerAdmin webmaster@univ-ville.fr
DocumentRoot /var/www/html
ErrorLog ${APACHE_LOG_DIR}/error.log
CustomLog ${APACHE_LOG_DIR}/access.log combined
SSLEngine on
SSLCertificateFile /etc/letsencrypt/live/esup-sgc.univ-ville.fr/cert.pem
SSLCertificateKeyFile /etc/letsencrypt/live/esup-sgc.univ-ville.fr/privkey.pem
SSLCertificateChainFile /etc/letsencrypt/live/esup-sgc.univ-ville.fr/chain.pem
ProxyPass /Shibboleth.sso !
ProxyPass /secure !
ScriptAlias /secure /var/www/printenv.pl
ShibCompatValidUser Off
<Location /Shibboleth.sso>
SetHandler shib
AuthType None
Require all granted
</Location>
<Location /shibboleth-sp>
AuthType None
Require all granted
</Location>
Alias /shibboleth-sp/main.css /usr/share/shibboleth/main.css
<Location /secure>
AuthType shibboleth
ShibRequestSetting requireSession 1
require shib-session
ShibUseHeaders On
ShibRequestSetting applicationId default
</Location>
<Location />
AuthType shibboleth
ShibRequestSetting requireSession 1
require shib-session
ShibUseHeaders On
ShibRequestSetting applicationId default
</Location>
<Location "/resources">
Require all granted
ShibRequireSession Off
</Location>
<Location "/wsrest">
Require all granted
ShibRequireSession Off
</Location>
<Location "/payboxcallback">
Require all granted
ShibRequireSession Off
</Location>
ProxyPass / ajp://localhost:8209/ ttl=10 timeout=3600 retry=1
<LocationMatch "^/(resources|webjars)">
ExpiresActive On
ExpiresByType text/css "access plus 1 hour"
ExpiresByType text/javascript "access plus 1 hour"
ExpiresByType application/javascript "access plus 1 hour"
ExpiresByType image/gif "access plus 1 hour"
ExpiresByType image/png "access plus 1 hour"
ExpiresByType image/jpg "access plus 1 hour"
ExpiresByType image/jpeg "access plus 1 hour"
ExpiresByType application/x-shockwave-flash "access plus 1 hour"
ExpiresByType image/x-icon "access plus 1 hour"
</LocationMatch>
CacheRoot /var/cache/httpd/esup-sgc
CacheDirLevels 2
CacheDirLength 1
CacheEnable disk /resources
CacheEnable disk /webjars
AddOutputFilterByType DEFLATE text/plain text/html text/css text/javascript application/x-javascript application/javascript application/json image/svg+xml
</VirtualHost> |
Idem pour le VirtualHost esup-nfc-tag.univ-ville.fr dans /etc/apache2/sites-available/esup-nfc-tag.univ-ville.fr.conf
...
language | xml |
---|---|
theme | RDark |
...
AddOutputFilterByType DEFLATE text/plain text/html text/css text/javascript application/x-javascript application/javascript application/json image/svg+xml
</VirtualHost> |
Idem pour le VirtualHost esup-nfc-tag.univ-ville.fr
...
dans /etc/
...
apache2/sites-available/esup-nfc-tag.univ-ville.fr.conf
Bloc de code | ||||
---|---|---|---|---|
| ||||
<VirtualHost *:80> /chain.pem ProxyPass /Shibboleth.sso !ServerName esup-nfc-tag.univ-ville.fr ProxyPass /secure !ServerAdmin webmaster@univ-ville.fr ScriptAlias /secureDocumentRoot /var/www/printenv.plhtml ShibCompatValidUserErrorLog Off <Location /Shibboleth.sso> ${APACHE_LOG_DIR}/error_esup-nfc-tag.log CustomLog SetHandler shib${APACHE_LOG_DIR}/access_esup-nfc-tag.log combined RewriteEngine On AuthType None RewriteCond %{REQUEST_METHOD} ^(TRACE|TRACK) RewriteRule .* Require all granted - [F] RewriteRule </Location> ^/(.*)$ <Location /shibboleth-sp> AuthType Nonehttps://esup-nfc-tag.univ-ville.fr/$1 [L,R] </VirtualHost> <VirtualHost *:443> ServerName esup-nfc-tag.univ-ville.fr Require all grantedServerAdmin webmaster@univ-ville.fr </Location> Alias /shibboleth-sp/main.css /usr/share/shibboleth/main.css DocumentRoot /var/www/html ErrorLog <Location /secure> ${APACHE_LOG_DIR}/error_esup-nfc-tag.log CustomLog AuthType shibboleth${APACHE_LOG_DIR}/access_esup-nfc-tag.log combined ShibRequestSetting requireSession 1SSLEngine on SSLCertificateFile require shib-session/etc/letsencrypt/live/esup-nfc-tag.univ-ville.fr/cert.pem ShibUseHeaders OnSSLCertificateKeyFile /etc/letsencrypt/live/esup-nfc-tag.univ-ville.fr/privkey.pem SSLCertificateChainFile ShibRequestSetting applicationId /etc/letsencrypt/live/esup-nfc-tag </Location>.univ-ville.fr/chain.pem <LocationProxyPass /manager> AuthType shibbolethShibboleth.sso ! ProxyPass ShibRequestSetting requireSession 1/secure ! ScriptAlias require shib-session ShibUseHeaders On/secure /var/www/printenv.pl ShibCompatValidUser Off ShibRequestSetting applicationId esup-nfc-tag<Location /Shibboleth.sso> </Location> <LocationSetHandler /admin>shib AuthType shibbolethNone ShibRequestSettingRequire requireSessionall 1granted </Location> require<Location shib/shibboleth-sessionsp> ShibUseHeadersAuthType OnNone ShibRequestSettingRequire applicationId esup-nfc-tagall granted </Location> Alias /shibboleth-sp/main.css /usr/share/shibboleth/main.css <Location /nfc>secure> AuthType shibboleth ShibRequestSetting requireSession 1 require shib-session ShibUseHeaders On ShibRequestSetting applicationId esup-nfc-tag </Location> <Location /manager> ProxyPass / ajp://localhost:8309/ ttl=10 timeout=3600 retry=1 AuthType shibboleth ShibRequestSetting <Location "/resources">requireSession 1 ExpiresActiverequire Onshib-session ExpiresByType text/css "access plus 1 hour" ShibUseHeaders On ShibRequestSetting applicationId esup-nfc-tag ExpiresByType text</javascriptLocation> "access plus 1<Location hour"/admin> ExpiresByType application/javascript "access plus 1 hour" AuthType shibboleth ShibRequestSetting requireSession 1 ExpiresByType image/gif "access plus 1 hour" require shib-session ExpiresByType image/png "accessShibUseHeaders plusOn 1 hour" ShibRequestSetting ExpiresByType image/jpg "access plus 1 hour"applicationId esup-nfc-tag </Location> <Location /nfc> ExpiresByType image/jpeg "access plus 1AuthType hour"shibboleth ExpiresByType application/x-shockwave-flash "access plus 1 hour" ShibRequestSetting requireSession 1 ExpiresByTyperequire image/x-iconshib-session "access plus 1ShibUseHeaders hour"On </Location> ShibRequestSetting CacheRoot /var/cache/httpd/applicationId esup-nfc-tag CacheDirLevels 2</Location> CacheDirLengthProxyPass 1 CacheEnable disk /resources/ ajp://localhost:8309/ ttl=10 timeout=3600 retry=1 AddOutputFilterByType DEFLATE text/plain text/html text/css text/javascript application/x-javascript application/javascript application/json image/svg+xml </VirtualHost> |
...