Changes between Version 7 and Version 8 of ServiceProviderFederation/Archive/SP configuration guide


Ignore:
Timestamp:
07/24/14 11:41:57 (10 years ago)
Author:
Oliver Schonefeld
Comment:

--

Legend:

Unmodified
Added
Removed
Modified

  • ServiceProviderFederation/Archive/SP configuration guide

    v7 v8  
    11= Disclaimer =
    22
    3 This documentation is provided as-is, should be read and executed carefully and you should know at all time what you are doing. In case of doubt, don’t follow the steps in this documentation and make your own, more appropriate, assumptions. In case you have further questions send them to Clarind-devel@mailman.sfs.uni-tuebingen.de.
     3This documentation is provided as-is, should be read and executed carefully and you should know at all time what you are doing. In case of doubt, don’t follow the steps in this documentation and make your own, more appropriate, assumptions. In case you have further questions send them to clarind-devel@mailman.sfs.uni-tuebingen.de.
    44
    55= Sources to read =
    66This document does not have as much priority for regular revision as the following documents. Please consult them and do not fully rely on the details in this document.
    77* Up-to-date information about the CLARIN Service Provider Federation (SPF): [https://www.clarin.eu/spf]
    8 * Up-to-date information about the CLARIN IdP: [https://www.clarin.eu/content/clarin-identity-provider]
     8* Up-to-date information about the CLARIN-IDP [https://www.clarin.eu/content/clarin-identity-provider]
    99* Generate the metadata and additional information: [https://wiki.shibboleth.net/confluence/display/SHIB2/MetadataForSP]
    10 * ApplicationDefaults tag and attributes: [https://wiki.shibboleth.net/confluence/display/SHIB2/NativeSPApplication]
     10* !ApplicationDefaults tag and attributes: [https://wiki.shibboleth.net/confluence/display/SHIB2/NativeSPApplication]
    1111* SSO tag and attributes: [https://wiki.shibboleth.net/confluence/display/SHIB2/NativeSPServiceSSO]
    12 * MetadataProvider tag [https://wiki.shibboleth.net/confluence/display/SHIB2/IdPMetadataProvider]
     12* !MetadataProvider tag [https://wiki.shibboleth.net/confluence/display/SHIB2/IdPMetadataProvider]
    1313* Documentation of the DFN: [https://www.aai.dfn.de/dokumentation/service-provider/konfiguration/]
    1414
     
    2222
    2323==== attribute-map.xml ====
    24 
    25 Edit attribute-map.xml in /etc/shibboleth/. Uncomment or add the following lines:
    26 
    27 
     24Edit the file `attribute-map.xml` (usually located in the directory `/etc/shibboleth`) and uncomment or add the following lines:
    2825{{{#!xml
    2926<Attribute name="urn:mace:dir:attribute-def:eduPersonPrincipalName" id="eppn">
     
    3734
    3835==== shibboleth2.xml ====
    39 
    40 Edit shibboleth2.xml in /etc/shibboleth/:
    41 * Add an !ApplicationDefaults entry containing your entityID (a randomly chosen string, mostly in the format of an URL letting you make some assumptions about who runs the SP):
    42 
     36Edit `shibboleth2.xml` (usually located in the directory `/etc/shibboleth`):
     37* Add an `<ApplicationDefaults>` entry containing your `entityID`. The `entityID` is a randomly chosen string in URL-format identifying your SP (and letting other people make some assumptions about who runs the SP):
    4338{{{#!xml
    4439<ApplicationDefaults entityID="https://sp.phonetik.uni-muenchen.de"
     
    4641}}}
    4742
    48 * Add an SSO entry to the Session section with the entityID of the clarin IDP and the link to the discovery service:
    49 
     43* Add an `<SSO>` entry to the Session section with the entityID of the CLARIN-IDP and the link to the discovery service:
    5044{{{#!xml
    5145<SSO entityID="https://idp.clarin.eu" discoveryProtocol="SAMLDS"
     
    5448</SSO>
    5549}}}
    56 
    5750
    5851* Edit the errors section to let the user know who he or she may contact on error:
     
    6356}}}
    6457
    65 
    66 * Add or edit the !MetadataProvider to the !ApplicationDefaults section:
     58* Add or edit the `<MetadataProvider>` to the `<ApplicationDefaults>` section:
    6759{{{#!xml
    6860<MetadataProvider type="Chaining">
     
    7870
    7971==== httpd.conf ====
    80 
    81 Edit the httpd.conf in /etc/apache2/:
    82 * Add “AuthType shibboleth” and “ShibRequireSession On” so an Directory entry could look like this
     72Edit the `httpd.conf` (usually located in the dircetory `/etc/apache2`):
     73* Add `AuthType shibboleth` and `ShibRequireSession On` so an `Directory` entry. It could look like this:
    8374{{{#!xml
    8475<Directory /srv/www/htdocs>
     
    8879</Directory>
    8980}}}
     81
     82
    9083==== Shibboleth and Apache restart ====
    91 
    9284After editing the three aforementioned files, remember to restart the Shibboleth daemon and the apache server for the changes to take effect.
    9385