NOT a heartbleed question
Bryan E. Wooten
bryan.wooten at utah.edu
Thu Apr 10 14:39:03 EDT 2014
Thanks!
From: users-bounces at shibboleth.net [mailto:users-bounces at shibboleth.net] On Behalf Of Paul Hethmon
Sent: Thursday, April 10, 2014 12:26 PM
To: Shibboleth Users
Subject: Re: NOT a heartbleed question
On Apr 10, 2014, at 2:11 PM, Bryan E. Wooten <bryan.wooten at utah.edu<mailto:bryan.wooten at utah.edu>> wrote:
First they want to do IDP initiated login. We have never done that before. Is it as easy as I am lead to believe from this wiki page:
https://wiki.shibboleth.net/confluence/display/SHIB2/IdPUnsolicitedSSO
All need is a link like this: https://myidp.edu/idp/profile/SAML2/Unsolicited/SSO?providerId=someid&shire=providerURL
Yes, that's pretty much it.
The vendor does not supply meta-data. I thought that was a requirement.
You will have to create a metadata file for Shib to read from their data. One thought on that is to give them a metadata file with the entityID, ACS URL's empty and tell them to fill it in.
And last does my 2.3.5 IDP meet these requirements out of the box or do I have work to do (beyond just configuration)?
Yes, all of that is specified by the SAML spec itself.
Paul
Paul Hethmon
Chief Software Architect
paul.hethmon at clareitysecurity.com<mailto:paul.hethmon at clareitysecurity.com>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://shibboleth.net/pipermail/users/attachments/20140410/ba0e3c43/attachment-0001.html
More information about the users
mailing list