NOT a heartbleed question

Paul Hethmon paul.hethmon at
Thu Apr 10 14:26:14 EDT 2014

On Apr 10, 2014, at 2:11 PM, Bryan E. Wooten <bryan.wooten at<mailto:bryan.wooten at>> wrote:

First they want to do IDP initiated login. We have never done that before. Is it as easy as I am lead to believe from this wiki page:

All need is a link like this:

Yes, that's pretty much it.

The vendor does not supply meta-data. I thought that was a requirement.

You will have to create a metadata file for Shib to read from their data. One thought on that is to give them a metadata file with the entityID, ACS URL's empty and tell them to fill it in.

And last does my 2.3.5 IDP meet these requirements out of the box or do I have work to do (beyond just configuration)?

Yes, all of that is specified by the SAML spec itself.


Paul Hethmon
Chief Software Architect
paul.hethmon at<mailto:paul.hethmon at>

-------------- next part --------------
An HTML attachment was scrubbed...

More information about the users mailing list