Storing persistentId using an HTTP DataConnector
Mak, Steven
makst at upenn.edu
Wed Nov 9 13:25:15 UTC 2022
> Is there some tool a bit like "aacli" but able to mimic some kind of "dummy SP" ? Only sending forged SAML requests and getting the responses, just for debug and learning purpose.
My team uses a small VM with a basic RHEL + apache + TLS + ShibSP installed that we use for testing SP things. I think there's also https://samltest.id/ that some have used, but I haven't. I've used my small VM to build small SAML proof of concepts for golang, node, and whatever things our customers are trying to integrate with SSO.
ShibSP is a very versatile SAML implementation. I recommend it over other implementations. But there are certainly others, like python, perl, and even bash.
- Steve
On 11/9/22, 8:19 AM, "users on behalf of Cantor, Scott via users" <users-bounces at shibboleth.net on behalf of users at shibboleth.net> wrote:
> We don't have any SP as far as I know. So I am trying to be ready for
> anything and learing with trial/errors.
If you didn't have any SPs to worry about, you wouldn't need an IdP. And if you're really starting from scratch, this is not how to do it. Do NOT support things just because. That goes triple for pairwise ID constructs. Stop, undo, get rid of all of it, until you know what you're doing and why.
Deploy what you require, when you're ready to support it.
> Is there some tool a bit like "aacli" but able to mimic some kind of "dummy SP" ? Only sending forged SAML requests and getting the
> responses, just for debug and learning purpose.
There's testshib.
-- Scott
--
For Consortium Member technical support, see https://urldefense.com/v3/__https://shibboleth.atlassian.net/wiki/x/ZYEpPw__;!!IBzWLUs!SzyQyvR4f8VotPhHBk5bh_WRkWyQ-0fXVGw-fKP6ZJgB3FVWHTZ9mGSQ7lHfNi8a-wLyHiuaYDJnL_Sg$
To unsubscribe from this list send an email to users-unsubscribe at shibboleth.net
More information about the users
mailing list