Version 1 (modified by 7 years ago) (diff) | ,
---|
Table of Contents
SAML metadata about SPF SPs: distribution to identity federations by ERIC
This page provides a status overview of the SP metadata distribution across the various CLARIN SPF identity federations. It is still under construction (October 2017) so some information might be missing or incomplete. If you are looking for the old matrix page you can find it here. Although, keep in mind that the whole metadata workflow changed once the SPF infrastructure was dockerized and the SP metadata file moved from the CLARIN SVN to github. A detailed description of the new workflow can be found in the service provider federation page.
Service Providers in the production SPF
This means the SP entityID is whitelisted. Only the SPs that are whitelisted, will be filtered and passed on to the production SAML metadata. In order to be whitelisted an SP needs to have signed the SPF agreement.
All Service Providers in the production SPF will be registered directly in DFN-AAI (DE), Belnet (BE), Haka (FI), eduID.cz, SURFconext (NL) and via eduGAIN in the various other national federations.
Accepted
See the centre registry SPF page, all the SPs with a checked "Prod?" column.
Current distribution to national federations
Please note: for the other countries we use the eduGAIN metadata distribution. Therefore they are not listed in the distribution matrix.
For an explanation about why this dual distribution mechanism is in use, please see the opt-in page.
Procedure for changing/adding and distributing new SAML metadata about SPF SPs
Adding a new SP or changing SAML metadata about an existing one and distributing it is a complicated procedure.
Issues with production SPs
Please avoid expiring SAML signing certificates by doing a certificate roll-over on time.
Current SPs with expired certificates:
- http://www.clarin-pl.eu/shibboleth
- https://clarino.uib.no/
- http://sp.lat.csc.fi
- https://portal.clarin.inl.nl/
- https://clarin.fz-juelich.de/shibboleth
- https://asvsp.informatik.uni-leipzig.de/
- https://beta-catalog.clarin.eu/sp/shibboleth
Remedy: create new SAML metadata, sign with a valid certificate (could be self-signed)