Beginner ECP question
Terry Soucy
terry.soucy at unb.ca
Tue Sep 27 19:37:27 BST 2011
Hi Scott,
> Which entityID? You mean the SP? You shouldn't need entries for SPs, not
> in general anyway. The default is fine.
For our Windows Live at EDU setup, we have to have that in our relying-party.xml

    <!-- Windows Live -->
    <rp:RelyingParty id="uri:WindowsLiveID"
                     provider="https://idp.unb.ca/idp/shibboleth"
                     defaultSigningCredentialRef="IdPCredential">
        <rp:ProfileConfiguration xsi:type="saml:SAML2SSOProfile"
                                 signAssertions="conditional"
                                 encryptAssertions="never"
                                 encryptNameIds="never" />
        <rp:ProfileConfiguration xsi:type="saml:SAML2ECPProfile"
                                 includeAttributeStatement="true"
                                 assertionLifetime="PT5M"
                                 assertionProxyCount="0"
                                 signResponses="never"
                                 signAssertions="always"
                                 encryptAssertions="never"
                                 encryptNameIds="never" />
    </rp:RelyingParty>

The documentation that MS provided me with is for ECP setup BEFORE ECP
was part of the core IdP install, so I've pieced together what I know,
and found that I don't need much of the edits they tell me to do.
When I check the status of the IdP, these two profiles are returned for
uri:WindowsLiveID ..
configured_communication_profile: urn:mace:shibboleth:2.0:profiles:saml2:sso
configured_communication_profile: urn:oasis:names:tc:SAML:2.0:profiles:SSO:ecp
> Mainly authentication, possibly via web.xml and container, or Apache, or
> something else.
Unfortunately, since I'm dealing with MS on this, I have no access to
the other end and cannot use that in my troubleshooting. I guess
what I'm after is, can I expect my IdP to respond to ECP requests
given the above config and information? That's really all I see that
needs to be changed, or at least I hope it is. I'm assuming that
since the communication profile is loaded, that it has all of the
necessary xml schema information in the default install.
Terry
--
Terry Soucy, Systems Analyst Integrated Technology Services
University of New Brunswick, Fredericton Campus http://www.unbf.ca/its
Voice: 506.447.3018 Fax: 506.453.3590 E-mail: terry.soucy at unb.ca
** ITS is a scent-reduced workplace - www.unbf.ca/its/policies **
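
Added example, not part of the original message or of the Shibboleth project: a short Python check that reads a relying-party.xml override like the one quoted above and reports, per relying party, which communication profiles are configured and what their signing and encryption attributes say. The namespace URIs, the wrapping root element and the function names are assumptions; the two profile URIs are the ones shown in the status output in the message.

```python
import xml.etree.ElementTree as ET

# Namespace URIs are assumptions (Shibboleth IdP 2.x relying-party schema);
# the message itself shows only the rp:, saml: and xsi: prefixes.
RP = "urn:mace:shibboleth:2.0:relying-party"
XSI = "http://www.w3.org/2001/XMLSchema-instance"

# xsi:type local name -> profile URI, as listed in the status output in the message.
PROFILE_URI = {
    "SAML2SSOProfile": "urn:mace:shibboleth:2.0:profiles:saml2:sso",
    "SAML2ECPProfile": "urn:oasis:names:tc:SAML:2.0:profiles:SSO:ecp",
}
SECURITY_ATTRS = ("signResponses", "signAssertions", "encryptAssertions", "encryptNameIds")

# Constructed sample: the override from the message wrapped in a minimal root element.
SAMPLE = """<rp:RelyingPartyGroup xmlns:rp="urn:mace:shibboleth:2.0:relying-party"
    xmlns:saml="urn:mace:shibboleth:2.0:relying-party:saml"
    xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
  <rp:RelyingParty id="uri:WindowsLiveID"
      provider="https://idp.unb.ca/idp/shibboleth" defaultSigningCredentialRef="IdPCredential">
    <rp:ProfileConfiguration xsi:type="saml:SAML2SSOProfile"
        signAssertions="conditional" encryptAssertions="never" encryptNameIds="never"/>
    <rp:ProfileConfiguration xsi:type="saml:SAML2ECPProfile"
        includeAttributeStatement="true" assertionLifetime="PT5M" assertionProxyCount="0"
        signResponses="never" signAssertions="always" encryptAssertions="never" encryptNameIds="never"/>
  </rp:RelyingParty>
</rp:RelyingPartyGroup>"""

def audit(xml_text):
    """Return {relying party id: {profile URI: {security attribute: value or None}}}."""
    report = {}
    for party in ET.fromstring(xml_text).iter(f"{{{RP}}}RelyingParty"):
        profiles = report.setdefault(party.get("id"), {})
        for cfg in party.findall(f"{{{RP}}}ProfileConfiguration"):
            local = cfg.get(f"{{{XSI}}}type", "").split(":")[-1]
            uri = PROFILE_URI.get(local, f"unmapped:{local}")
            # None means the attribute is absent, so the IdP default applies.
            profiles[uri] = {a: cfg.get(a) for a in SECURITY_ATTRS}
    return report

def unencrypted(report):
    """Sorted (relying party, profile URI) pairs with encryptAssertions="never"."""
    return sorted((rp_id, uri) for rp_id, profiles in report.items()
                  for uri, attrs in profiles.items() if attrs["encryptAssertions"] == "never")

if __name__ == "__main__":
    for rp_id, profiles in audit(SAMPLE).items():
        for uri, attrs in profiles.items():
            print(rp_id, uri, attrs)
```
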