entity id in browser result in metadata

Michael A Grady mgrady at unicon.net
Thu Apr 3 16:27:54 EDT 2014 

No, the entityID is just a "lookup key" to find the right metadata amongst all the metadata you have. The IdP's metadata endpoint (which you really shouldn't be using for dynamic access to metadata) is exactly what you listed: 

  https://hostname/idp/profile/Metadata/SAML

where "hostname" is the IdP's host/service name: 

    https://shibidp.ku.edu/idp/profile/Metadata/SAML

I just tried it, and got the metadata. But note that metadata gets generated when you install the IdP, and not necessarily updated with changes. So you're better off getting your published metadata from the InCommon feed.

On Apr 3, 2014, at 3:15 PM, Qian, Yi wrote:

> So https://hostname/idp/shibboleth will result in metadata?
> 
> From: Paul Hethmon <paul.hethmon at clareitysecurity.com>
> Reply-To: Shib Users <users at shibboleth.net>
> Date: Thursday, April 3, 2014 3:08 PM
> To: Shibboleth Users <users at shibboleth.net>
> Subject: Re: entity id in browser result in metadata
> 
> 
> On Apr 3, 2014, at 3:54 PM, Qian, Yi <yqian at ku.edu> wrote:
> 
>> Hello, 
>> 
>> OK, I can't find it, but according the shib document I printed out, to get idp metadata, I need to use https://hostname/idp/profile/Metadata/SAML, but I just realized if I entered my idp entity id in browser it will spit out our idp metadata, if my memory still working, I remember before I upgrade to 2.4, when I enter the entity id in browser I would get 404, could somebody explain it is because of the upgrade? Because my memory is wrong? Because my configuration is flawed?
> 
> 
> The entityID is not a URL. The default value used by Shib during installation looks very similar to one just to ensure uniqueness of the ID.
> 
> Paul
> 
> 
> Paul Hethmon
> Chief Software Architect
> paul.hethmon at clareitysecurity.com
> 
> 
> --
> To unsubscribe from this list send an email to users-unsubscribe at shibboleth.net


--
Michael A. Grady
Senior IAM Consultant, Unicon, Inc.

-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://shibboleth.net/pipermail/users/attachments/20140403/f0ec6e05/attachment.html

More information about the users mailing list