configuring shibboleth on AWS using ELB
Deirdre Kirmis
Deirdre.Kirmis at asu.edu
Wed Nov 27 18:30:21 EST 2019
That is great! Thank you…it already told me that I’m missing the metadata for identity provider!
Deirdre Kirmis
Technology Services
Arizona State University Library
480-965-7240
From: users <users-bounces at shibboleth.net> On Behalf Of Nate Klingenstein
Sent: Wednesday, November 27, 2019 4:26 PM
To: Shib Users <users at shibboleth.net>
Subject: RE: configuring shibboleth on AWS using ELB
Deirdre,
You may find https://samltest.id/<https://urldefense.proofpoint.com/v2/url?u=https-3A__samltest.id_&d=DwMFaQ&c=l45AxH-kUV29SRQusp9vYR0n1GycN4_2jInuKy6zbqQ&r=X1YAM2yWs1HIcWRXyPCSUtCKxhQO748y834uz5ZFnTY&m=-p3_HucMP6fgoiaOsqwQOGvonEwN8AdOsl8FKuiYMeE&s=WLLruzqa9leUxPFfkRtb0oUfHYVehAPdDs_2-golteE&e=> to be a useful resource. It's basically a fully configured SP that will let you see its logs so you can know exactly what's going on, end to end.
Best wishes,
Nate.
--------
[Image removed by sender.]
The Art of Access ®
Nate Klingenstein | Principal
https://www.signet.id/<https://urldefense.proofpoint.com/v2/url?u=https-3A__www.signet.id_&d=DwMFaQ&c=l45AxH-kUV29SRQusp9vYR0n1GycN4_2jInuKy6zbqQ&r=X1YAM2yWs1HIcWRXyPCSUtCKxhQO748y834uz5ZFnTY&m=-p3_HucMP6fgoiaOsqwQOGvonEwN8AdOsl8FKuiYMeE&s=TGTv1t1GponuoVksgNyxYaNUwB0-U-468uHc-FilIgw&e=>
-----Original message-----
From: Deirdre Kirmis
Sent: Wednesday, November 27 2019, 12:14 pm
To: Shib Users
Subject: RE: configuring shibboleth on AWS using ELB
Eventually, we will want to set up as a federation SP, but this is just dev at this point, so we are only configuring our org IDP.
I did find the documentation on creating the metadata schema/rules, so thanks for that direction.
Deirdre Kirmis
Technology Services
Arizona State University Library
480-965-7240
-----Original Message-----
From: users <users-bounces at shibboleth.net<mailto:users-bounces at shibboleth.net>> On Behalf Of Cantor, Scott
Sent: Wednesday, November 27, 2019 10:39 AM
To: Shib Users <users at shibboleth.net<mailto:users at shibboleth.net>>
Subject: Re: configuring shibboleth on AWS using ELB
On 11/27/19, 12:23 PM, "users on behalf of Deirdre Kirmis" <users-bounces at shibboleth.net<mailto:users-bounces at shibboleth.net> on behalf of Deirdre.Kirmis at asu.edu<mailto:Deirdre.Kirmis at asu.edu>> wrote:
> How do I prepare the metadata myself?
It's an XML file with a very defined schema and set of rules for what's in it, but that's probably obvious so the intent of the question is not 100% clear.
Speaking in general terms, a federated SP (that is, one dealing with many IdPs of different organizations) really needs to be in a federation, and federations provide metadata management systems generally, though not always.
An enterprise SP is dealing with a single IdP and the IdP operator should be providing processes to follow. For myself, I don't ask SPs to give me metadata as a rule, I just expect them to inform me of the keys and hosts through a registration process, then I assign them entityID(s) to use, and I have processes to follow when changes are needed.
-- Scott
--
For Consortium Member technical support, see https://urldefense.proofpoint.com/v2/url?u=https-3A__wiki.shibboleth.net_confluence_x_coFAAg&d=DwICAg&c=l45AxH-kUV29SRQusp9vYR0n1GycN4_2jInuKy6zbqQ&r=X1YAM2yWs1HIcWRXyPCSUtCKxhQO748y834uz5ZFnTY&m=vG7jnjpCDSN0QFq4AMsIaEJhlm75brYoTFKZaSTj9Dg&s=nmaRAJ-HfEKwZBp3UslR_FH2lQ7avk7fjdY0-PNAGIA&e=
To unsubscribe from this list send an email to users-unsubscribe at shibboleth.net<mailto:users-unsubscribe at shibboleth.net>
--
For Consortium Member technical support, see https://wiki.shibboleth.net/confluence/x/coFAAg<https://urldefense.proofpoint.com/v2/url?u=https-3A__wiki.shibboleth.net_confluence_x_coFAAg&d=DwMFaQ&c=l45AxH-kUV29SRQusp9vYR0n1GycN4_2jInuKy6zbqQ&r=X1YAM2yWs1HIcWRXyPCSUtCKxhQO748y834uz5ZFnTY&m=-p3_HucMP6fgoiaOsqwQOGvonEwN8AdOsl8FKuiYMeE&s=k8dS6UKC2v800qaZG6IlByEGw4QGJlOB7ZLSlCG9I0c&e=>
To unsubscribe from this list send an email to users-unsubscribe at shibboleth.net<mailto:users-unsubscribe at shibboleth.net>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://shibboleth.net/pipermail/users/attachments/20191127/18f12972/attachment.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: ~WRD000.jpg
Type: image/jpeg
Size: 823 bytes
Desc: ~WRD000.jpg
URL: <http://shibboleth.net/pipermail/users/attachments/20191127/18f12972/attachment.jpg>
More information about the users
mailing list