Installing OpenAthens SP will have created an example vhost in /etc/httpd/conf.d/.

The publisher dashboard displayed the vhost configuration you need to create when you added your application. You can access this again via the  getting started tab on your application.

Create a file in the folder above called, for example, openathens-sp.conf:

vi /etc/httpd/conf.d/openathens-sp.conf

Use the Apache configuration from the dashboard as a guide to create your vhosts - e.g:

<VirtualHost *:80>
   ServerName yourdomain.com

   OATempDir /var/cache/openathens
   OAConfig http://sp.openathens.net/config?id=499f54f6-1a1e-4806-b9c2-d40357278fa4
   OAAPIKey 5d11b069-bfe7-4fef-8c53-9204cb754e53

   <Location /pathtoprotected>
     Redirect permanent /pathtoprotected https://%{SERVER_NAME}/pathtoprotected
   </Location>

</VirtualHost>
<VirtualHost *:443>
   ServerName yourdomain.com

   SSLEngine on
   SSLCertificateFile /etc/pki/tls/certs/yourdomain.com.crt
   SSLCertificateKeyFile /etc/pki/tls/private/yourdomain.com.key
   
   OATempDir /var/cache/openathens
   OAConfig http://sp.openathens.net/config?id=499f54f6-1a1e-4806-b9c2-d40357278fa4
   OAAPIKey 5d11b069-bfe7-4fef-8c53-9204cb754e53

   <Location /pathtoprotected>
      AuthType OpenAthens
      require valid-user
   </Location>

</VirtualHost>

In the second virtual host section (*:443) you will need to specify the location and name of your website's SSL certificate and key. These are usually found in the /etc/pki/tls/certs/ and /etc/pki/tls/private/ directories.

In the location section you specify the enabled location - e.g. where OpenAthens SP will be required to pass through the user. This might be your entire application, but is commonly a single point where you start your own site's session and return the user to wherever they were going originally - e.g:

<Location /auth/federated>
  AuthType OpenAthens
  require valid-user
</Location>

Exit the editor saving changes (for more options, see also: Restricting access via vhost).

Restart Apache to start using this configuration:

sudo service httpd restart 

This will download the configuration that has been set up in the publisher dashboard and start using it. Any time you make updates via the dashboard, they will be picked up by OpenAthens SP the next time Apache is restarted.

Next