How to find SP Metadata / link to SP Metadata
Peter Schober
peter.schober at univie.ac.at
Thu May 4 05:02:41 EDT 2017
* Netra Mirajkar <netrasm at gmail.com> [2017-05-04 09:47]:
> We have taken over management of Shibboleth SP which is already in working
> order for a customer. The customer wants to add another IDP and to work it
> properly we assume, we have to provide SP Metadata link. How can we figure
> out what it might be? Does Shibboleth store SP Metadata provided to other
> IDPs? It is configured with httpd if it helps.
The SP ships with a script that let's you easily create SAML 2.0
Metadata describing he SP.
On CentOS that's in /etc/shibboleth/metagen.sh by default,
on Debian and friends it's shib-metagen (in your $PATH).
Russ has written a man page for Debian, which may or may not be up to
date. You can find an online copy here:
https://web.archive.org/web/20161025061026/https://manpages.ubuntu.com/manpages/xenial/man1/shib-metagen.1.html
There are two main reasons you don't want to provide the IDP with a
"link" to something automatically generated by the software: Trust
management and software configuration vs. metadata, cf.
http://shibboleth.net/pipermail/users/2017-April/035568.html
HTH,
-peter
More information about the users
mailing list