With the imminent switch to Shibboleth, I've decided to try out hooking up a Drupal instance...to...Shibboleth. Exactly as the title implies.
I'm using Ubuntu Server 10.04 for my server and rather then authentication against a real IdP, I'm using the public TestShib Two service as an IdP and configuring the SP myself.
Here's how I did it:
0) Register with OpenIdP and get a machine ready for testing.
1) Install the necessary packages:
mysql (for drupal)!
...and all their friends.
2) Get drupal and install that properly. There are plenty of tutorials out there on how to do this.
3) Configure your apache server so that it looks something like this:
Alias /secure /var/www/drupal
Options Indexes FollowSymLinks Multiviews
Allow from all
...and a whole bunch more as needed. You can actually base it off the default-ssl site (...like I did.)
4. Somewhere in your shibboleth2.xml (probably in /etc/shibboleth), you have something that looks like this:
This is the really important part. It's telling you exactly which paths on the server are going to be secured by