RUBYCAS SERVER USING MOD_PASSENGER, LOCAL MYSQL DATABASE, AND LDAP AUTH ON PUIAS[[BR]]
[[BR]]
[root@localhost ~]# yum install puias-{addons,unsupported}[[BR]]
[root@localhost ~]# yum install rubygem-rubycas-server ruby-mysql mod_ssl mod_passenger mysql-server rubygem-net-ldap[[BR]]
[[BR]]
Open /etc/sysconfig/iptables and allow port 443 (https) traffic:[[BR]]
-A INPUT -m state --state NEW -m tcp -p tcp --dport 443 -j ACCEPT[[BR]]
[[BR]]
Create the file /usr/lib/ruby/gems/1.8/gems/rubycas-server-1.0/config.ru[[BR]]
See the example in this folder.[[BR]]
[[BR]]
Configure httpd:[[BR]]
[root@localhost ~]# chkconfig httpd on[[BR]]
[root@localhost ~]# rm -f /etc/httpd/conf.d/welcome.conf[[BR]]
Configure /etc/httpd/conf.d/ssl.conf as per the given example[[BR]]
[[BR]]
Create a test cert and key for httpd - BE SURE TO REPLACE THESE IN PRODUCTION:[[BR]]
[root@localhost ~]# cd /etc/pki/tls/certs[[BR]]
[root@localhost ~]# make httpd.pem[[BR]]
[Fill out the questionaire][[BR]]
[[BR]]
Configure MySQL:[[BR]]
[root@localhost ~]# chkconfig mysqld on[[BR]]
[root@localhost ~]# service mysqld start[[BR]]
[root@localhost ~]# /usr/bin/mysql_secure_installation[[BR]]
Fill out the questions, be sure to set a new root password and remove all test accounts/dbs.[[BR]]
[root@localhost ~]# mysql -u root -p[[BR]]
mysql> create database casserver;[[BR]]
mysql> use casserver;[[BR]]
mysql> source /path/to/create_rubycas_mysql_db.sql[[BR]]
[[BR]]
Create and configure the file /etc/rubycas-server/config.yml[[BR]]
See example in this folder.[[BR]]
[[BR]]
At this point, you can test your implementation:[[BR]]
[root@localhost ~]# setenforce 0[[BR]]
[root@localhost ~]# service httpd start[[BR]]
[[BR]]
Note that I disabled SELinux. This should be used only for testing purposes, to generate policy files.[[BR]]
Please see rubycas-server.te in this directory for an example SELinux policy file that worked for me.[[BR]]