
Version 7 (modified by dietuyt, 12 years ago)


Note: The information on this page has been copied to http://www.clarin.eu/page/3496 (for public access). Please also change it there if a significant change is made.

CLARIN Central Discovery Service

The CLARIN central discovery service is based on DiscoJuice (version 1.0), see: http://discojuice.org/.

The goal is to provide an easy-to-use discovery service for all CLARIN service providers. Because all service providers share the same discovery service, users do not have to log in again or re-select their IDP when switching between service providers. A drawback of the central discovery service is that it introduces a single point of failure (SPOF). We are currently looking into ways to make this central discovery service highly available.

Status

The CLARIN central discojuice "Where Are You From" (WAYF) service is currently operating as a beta service.

It is currently used by the SPs at catalog.clarin.eu, such as the component registry: http://catalog.clarin.eu/ds/ComponentRegistry/ (click on login).

Roadmap

  • We plan to release version 1 of the CLARIN central discojuice WAYF service around Christmas 2011.
  • Look into high availability options.
  • Upgrade to DiscoJuice 2.0

Configuration

How to use discojuice as your shibboleth WAYF?

  1. Get access to a discojuice WAYF:
    1. Host discojuice yourself (see http://discojuice.org for installation instructions).
    2. Use an externally hosted discojuice WAYF service (http://catalog.clarin.eu/discojuice/idp.html provided by CLARIN).
  2. Configure a login endpoint in your SP configuration to use the discojuice WAYF service (either 1a or 1b); see the next section for more details.
  3. Use this new login endpoint.

DiscoJuice login endpoint

To use discojuice as the WAYF service, a session initiator needs to be configured in the SP's 'shibboleth2.xml' configuration file. The 'Location' attribute specifies the login endpoint; append it to your handler URL (/Shibboleth.sso by default) to start a shibboleth session. The 'URL' attribute of the session initiator of type 'SAMLDS' should point to the discojuice installation you want to use.

A restart of the SP is required after changing the 'shibboleth2.xml' configuration file.

Example using the CLARIN provided discojuice WAYF:

  <SessionInitiator type="Chaining" Location="/DiscoJuice" id="DiscoJuice" relayState="cookie">
    <SessionInitiator type="SAML2" defaultACSIndex="1" acsByIndex="false" template="bindingTemplate.html"/>
    <SessionInitiator type="Shib1" defaultACSIndex="5"/>
    <SessionInitiator type="SAMLDS" URL="http://catalog.clarin.eu/discojuice/idp.html"/>
  </SessionInitiator>

If you're using Shibboleth 2.4.x you can use the following, less verbose, snippet:

  <!-- use CLARIN central discovery service (DiscoJuice) -->
  <SSO discoveryProtocol="SAMLDS" discoveryURL="http://catalog.clarin.eu/discojuice/idp.html">
    SAML2 SAML1
  </SSO>

Make sure to restart shibd and the Apache webserver for the changes to take effect!
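
A way to check, before restarting, which discovery page each login endpoint of an SP will send users to. This is an added example, not part of the original page or of the Shibboleth or DiscoJuice projects; the function names, the allowed-host set and the rule that flags plain-HTTP discovery URLs are assumptions of this example, and the embedded configuration is a constructed sample combining the two snippets above.

```python
import xml.etree.ElementTree as ET
from urllib.parse import urlsplit

# Constructed sample: a cut-down shibboleth2.xml holding both forms shown on this page.
SAMPLE = """<SPConfig xmlns="urn:mace:shibboleth:2.0:native:sp:config">
 <ApplicationDefaults><Sessions handlerURL="/Shibboleth.sso">
  <SSO discoveryProtocol="SAMLDS"
       discoveryURL="http://catalog.clarin.eu/discojuice/idp.html">SAML2 SAML1</SSO>
  <SessionInitiator type="Chaining" Location="/DiscoJuice" id="DiscoJuice" relayState="cookie">
   <SessionInitiator type="SAML2" defaultACSIndex="1" acsByIndex="false" template="bindingTemplate.html"/>
   <SessionInitiator type="SAMLDS" URL="http://catalog.clarin.eu/discojuice/idp.html"/>
  </SessionInitiator>
 </Sessions></ApplicationDefaults>
</SPConfig>"""

def local(tag):
    """Strip the XML namespace so the check works whatever prefix the file uses."""
    return tag.rsplit("}", 1)[-1]

def discovery_endpoints(xml_text):
    """Return (login_path, discovery_url) for every discovery hand-off in the config."""
    found = []
    for sessions in ET.fromstring(xml_text).iter():
        if local(sessions.tag) != "Sessions":
            continue
        handler = sessions.get("handlerURL", "/Shibboleth.sso")
        for el in sessions:
            if local(el.tag) == "SSO" and el.get("discoveryURL"):
                # The <SSO> shorthand installs its initiator at /Login.
                found.append((handler + "/Login", el.get("discoveryURL")))
            elif local(el.tag) == "SessionInitiator":
                for si in [el, *el]:  # the initiator itself or a member of its chain
                    if si.get("type") == "SAMLDS" and si.get("URL"):
                        found.append((handler + el.get("Location", ""), si.get("URL")))
    return found

def audit(xml_text, allowed_hosts):
    """Flag discovery URLs on an unexpected host or fetched without TLS (example policy)."""
    findings = []
    for login, url in discovery_endpoints(xml_text):
        parts = urlsplit(url)
        if parts.hostname not in allowed_hosts:
            findings.append((login, url, "unexpected discovery host"))
        elif parts.scheme != "https":
            findings.append((login, url, "discovery page requested over plain HTTP"))
    return findings

if __name__ == "__main__":
    for finding in audit(SAMPLE, {"catalog.clarin.eu"}):
        print(*finding, sep="  ")
```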
