Publishing IdP's metadata?

Cantor, Scott cantor.2 at osu.edu
Thu Feb 5 10:11:09 EST 2015


On 2/5/15, 2:57 PM, "Jeremy Morton" <jez9999 at gmail.com> wrote:



>How do I publish my Shibboleth IdP's metadata?  I see the 
>metadata/idp-metadata.xml file, but what URL do I need to use to access 
>it?

The Shibboleth "model" is that you register it with a trusted third party 
that brokers it, so you don't publish it at all.

If you want a different model, the security of that model is up to you to 
own, and the answer to "how" is that you prepare it and make it available 
in whatever way you deem appropriate.

The metadata in that file is available at /idp/shibboleth. Because it's 
not generated dynamically but is essentially whatever you put in that 
file, and thus controllable, it's fine to use that URL for the most part. 
But that's meaningless by itself. You're just self-asserting the 
information.

-- Scott



More information about the users mailing list