Version 32 (modified by 8 years ago) (diff) | ,
---|
Table of Contents
Note: this page is in the process of being updated (Nov 2016)
As much information as possible should be kept at http://www.clarin.eu/spf
However there might be some details to store here.
CLARIN IdP
Central Discovery Service
Service Provider Federation
Feedback on eduGAIN code of conduct: ServiceProviderFederation/EduGain?
Information about including logos in SAML metadata: recommendations and a related standardization discussion
Login testing: Manual testing of logins.
Distribution Matrix: overview of manual SAML metadata updates
Changing the SAML metadata about SPF SPs
- Commit the changes to source:aai/clarin-sp-metadata.xml in the CLARIN SVN repository
- Make sure to check the XSD validity of the file! Be prepared to put 5 EUR in the CLARIN developers tipping box if you commit a non-valid file.
- Every hour a cron job automatically checks out the latest version at http://infra.clarin.eu/aai/clarin-sp-metadata.xml
How to add SAML metadata about the CLARIN IdP to your SP configuration
Information per Identity Federation
(original source no longer available))
Haka (Finland)
cn, sn, displayName, eduPersonPrincipalName, schacHomeOrganization, schacHomeOrganizationType
The major unique identifier: Currently, ePPN is the predominant unique ID.
The federation operator has published instructions on use of ePTID but hasn't strongly insisted its use.
Adding an SP: Haka?
DFN-AAI
attributes
sn, email, ePPN, ePSA, ePEntitlement, ePTID
What is the predominant unique identifier for end users?
- eduPersonPrincipalName (ePPN)
- eduPersonTargetedID(ePTID)/SAML2 PersistentID
Is there a policy for what should be used as the unique ID? No.
SURFconext
Mandatory attributes: No mandatory attributes
The major unique identifier: eduPersonPrincipalName (ePPN) - there is no formal policy for what should be used as the unique ID
UK federation
See section 7 of http://www.ukfederation.org.uk/library/uploads/Documents/technical-recommendations-for-participants.pdf for the recommended attributes in the UK.
Attributes in the SPF
The minimal set of required attributes:
The ideal set of attributes:
- cn (common name)
- o (organizationName) or schacHomeOrganization
Attribute release
Attributes requested by SPF services
These should be listed in the SAML metadata about the SP.
Component Registry?
- strictly required: ePPN
- nice to have: displayName, cn (common name)
Virtual Collection Registry?
- strictly required: eduPersonTargetedID (could also be configured to work with ePPN)
- nice to have: cn, displayName
WebLicht?
- strictly required: (no attributes - as not all IdPs? are releasing anything useful)
- nice to have:
TQE (CLARIN-NL, http://hdl.handle.net/1839/00-SERV-0000-0000-0005-6)
- strictly required: (no attributes)
- nice to have: (no attributes)
Adelheid anntool ((clarin-nl, http://hdl.handle.net/1839/00-SERV-0000-0000-0005-6)
- strictly required:
- nice to have: