Changes between Version 11 and Version 12 of ServiceProviderFederation/Archive/SP configuration guide
- Timestamp:
- 08/18/14 12:06:15 (10 years ago)
Legend:
- Unmodified
- Added
- Removed
- Modified
-
ServiceProviderFederation/Archive/SP configuration guide
v11 v12 6 6 This document does not have as much priority for regular revision as the following documents. Please consult them and do not fully rely on the details in this document. 7 7 * Up-to-date information about the CLARIN Service Provider Federation (SPF): [https://www.clarin.eu/spf] 8 * Up-to-date information about the CLARIN -IDP [https://www.clarin.eu/content/clarin-identity-provider]8 * Up-to-date information about the CLARIN IdP [https://www.clarin.eu/content/clarin-identity-provider] 9 9 * Generate the metadata and additional information: [https://wiki.shibboleth.net/confluence/display/SHIB2/MetadataForSP] 10 10 * !ApplicationDefaults tag and attributes: [https://wiki.shibboleth.net/confluence/display/SHIB2/NativeSPApplication] … … 16 16 17 17 == Installation == 18 19 Install Shibboleth daemon on your server in desirable or standard way. 18 Install Shibboleth daemon on your server in desirable (possibly through a standard OS package) way. 20 19 21 20 == Configuration == … … 34 33 35 34 ==== shibboleth2.xml ==== 36 Edit `shibboleth2.xml` ( usually located in the directory `/etc/shibboleth`):37 * Add an `<ApplicationDefaults>` entry containing your `entityID`. The `entityID` is a randomly chosen string in URL-format identifying your SP (and letting other peoplemake some assumptions about who runs the SP):35 Edit `shibboleth2.xml` (on Unix usually located in the directory `/etc/shibboleth`): 36 * Add an `<ApplicationDefaults>` entry containing your `entityID`. The `entityID` is an arbitrary string in URI format identifying your SP (and letting others make some assumptions about who runs the SP): 38 37 {{{#!xml 39 <ApplicationDefaults entityID="https:// sp.phonetik.uni-muenchen.de"38 <ApplicationDefaults entityID="https://your-further-entity-id" 40 39 REMOTE_USER="persistent-id"> 41 40 }}} 42 41 43 * Add an `<SSO>` entry to the Session section with the entityID of the CLARIN-IDP and the link to the discovery service:42 * Add an `<SSO>` entry to the Session section with the `entityID` of the CLARIN IdP and the link to the Discovery service: 44 43 {{{#!xml 45 44 <SSO entityID="https://idp.clarin.eu" discoveryProtocol="SAMLDS" … … 49 48 }}} 50 49 51 * Edit the errors section to let the user know who he or she may contact on error:50 * Edit the Errors element to let the user know who he or she may contact in case of an error: 52 51 {{{#!xml 53 52 <Errors supportContact="your-username@your-institution.com" … … 61 60 backingFilePath="prod_md_about_clarin_erics_idp.xml" reloadInterval="7200"> 62 61 }}} 63 64 62 65 63 … … 81 79 ==== metadata.xml (cp. [ssec:meta]) ==== 82 80 83 1. Checkout the clarin-sp-metadata.xml from https://svn.clarin.eu/aai/ ;84 1. Get the metadata from your own server (https://yourserver/Shibboleth.sso/Metadata) (cp. [sssec:metaorig]) Correct the metadata (changing namespaces, etc. accordingly) (cp. [sssec:metacorr]) 81 1. Checkout the clarin-sp-metadata.xml from [https://svn.clarin.eu/aai/]. 82 1. Get the metadata from your own server (https://yourserver/Shibboleth.sso/Metadata) (cp. [sssec:metaorig]) Correct the metadata (changing namespaces, etc. accordingly) (cp. [sssec:metacorr]). 85 83 1. Open the clarin-sp-metadata.xml and go to the section for the metadata of your Shibboleth server or create one. 86 1. Add your corrected metadata to the section 84 1. Add your corrected metadata to the section. 87 85 1. Execute check_saml_metadata.sh from subdirectory check-saml-metadata to validate the XML file. 88 1. Commit the changes back to the svn server89 1. Wait for the next update process(which should happen every hour, so it could take up to an hour until you can log in)86 1. Commit the changes back to [https://svn.clarin.eu/aai/]. 87 1. Wait for the next update (which should happen every hour, so it could take up to an hour until you can log in) 90 88 91 89 = Appendix =