This wiki space contains archival documentation of Project Bamboo, April 2008 - March 2013.
The procedure for integration of client Research Environments, tools, or services with Bamboo's IAM infrastructure will differ for each client platform. During the active period of the Bamboo Technology Project (Oct 2010 to March 2013), client integration was proven using an application running in an instance of Drupal. This application was the Account Services module, described on the page Account Services UI - Bamboo IAM Client - Drupal Module PoC.
The steps on this page describe integration of a Drupal instance with the Bamboo IAM infrastructure. The steps are drawn from installation of Drupal on a virtual machine running a CentOS Linux distribution. There are links to more detailed instructions on separate pages where appropriate.
Follow instructions at http://drupal.org/documentation/install/download
Install at chosen location under /var/www/html
1. Install Shibboleth SP by following the steps described on the page Shibboleth SP Installation and Configuration for Bamboo Trust Federation Clients.
2. Edit /etc/shibboleth/shibboleth2.xml.dist and save edited version as /etc/shibboleth/shibboleth2.xml. Make the following changes:
3. Edit /etc/httpd/conf.d/shib.conf to use lazy sessions for the Drupal instance. See the <Location> block at the bottom of the file.
Follow instructions at https://wiki.shibboleth.net/confluence/display/EDS10/Embedded+Discovery+Service. When installing on a Linux platform, this can be as simple as invoking yum.
When logged in with administrator privileges after installing the shib_auth module, click "Modules", scroll down to Shibboleth at the bottom of the page and click "Configure".
Here is what the configuration options should look like:
After making any changes (e.g., to URLs; the defaults should work in most other cases), click the "Save configuration" button at the bottom of the page.
Your Drupal site should now show a "Shibboleth login" option and users can choose their preferred identity provider from those defined in the Bamboo Trust Federation metadata. This can include social providers such as Google, Twitter, Yahoo and others if there is a Social2SAML gateway IdP in the federation (see Social/SAML Gateway to enable social media identity provision).