wiki:TerraDotta
Last modified 8 years ago Last modified on 11/20/12 17:24:51

IAM / Projects / TerraDotta

Service: StudioAbroad
Vendor: TerraDotta
Sponsor: UAF International Programs
Service Platform: unknown; vendor-hosted
Authentication: Shibboleth (to be configured)
Authorization/attributes: daily batch file (tab-delimited)
Provisioning: based on conversation, believed to be capable of creating new accounts at vendor based on first time access and authentication; vendor will then add that identity to the list of requested identities in the next batch job

--

2012-11-20 InCommon metadata for studyabroad.uaf.edu SP submitted by Terra Dotta:

<EntityDescriptor xmlns="urn:oasis:names:tc:SAML:2.0:metadata" entityID="https://studyabroad.uaf.edu/sp">
  <SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol urn:oasis:names:tc:SAML:2.0:protocol">
    <md:Extensions xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata">
      <DiscoveryResponse xmlns="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" Binding="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" Location="https://studyabroad.uaf.edu/Shibboleth.sso/DS" index="1"/>
      <mdui:UIInfo xmlns:mdui="urn:oasis:names:tc:SAML:metadata:ui">
        <mdui:DisplayName xml:lang="en">Terra Dotta</mdui:DisplayName>
      </mdui:UIInfo>
    </md:Extensions>
    <md:KeyDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata">
      <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
        <ds:X509Data>
<!-- Serial No. 15085326935096748387, expires on Sat Nov  6 03:32:32 2021 GMT -->
          <ds:X509Certificate>
MIIC4jCCAcqgAwIBAgIJANFZ2OwHEuljMA0GCSqGSIb3DQEBBQUAMBQxEjAQBgNV
BAMTCTE4OTYxMC0xMDAeFw0xMTExMDkwMzMyMzJaFw0yMTExMDYwMzMyMzJaMBQx
EjAQBgNVBAMTCTE4OTYxMC0xMDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANSr4q1G1rfFnUKtYTdjHsigx2Q6NUbxyoffyZ2UIaqYZM2zZhzr9esGNGCk
KQYfAEY1Qh2+e0ZdSruqt+czmIejUpSFksQ5/hhMJUgg57rLDr6jbKsuzn+d3r8x
eLdjS9GZLpyCGcZz6otjjm+wHVsZZiNjNL9QY2fWKdelpsW8A8/k8Z97p/f9irm3
fdKFZ/K1+b30d3tKtFOZadDdBSQ4JcPuNZJuyxACAjZcFqCBOrZLbSDLPdbak+1d
qVlx0Jv6eDQhmaLB2rLeCXsYzMefwBEqKXh3CtPRD02VqvS6qKSZ4LXCRPQW4gwe
Ljf/WqvlrTCkX2+jN1QAhUsMEGUCAwEAAaM3MDUwFAYDVR0RBA0wC4IJMTg5NjEw
LTEwMB0GA1UdDgQWBBRZUD+lP5WycljiKCPym8XBynxCHzANBgkqhkiG9w0BAQUF
AAOCAQEAv3JPUGv0dlqEfMHtP/ndgiGZwUVBhF793HyjzuhpqQFfe6gW9Hw2a89b
2+KBiBtRIzKeWmWA6RekNPYOBi7v5xZh19xWy5pSY7vbyfDTX/JelGxmfXNZ410D
vgjaGwz0xzIqCnpnv0kBlznEhPhPeJp3x1kZoM4tpc8h+RC/hc/4SInW9IvrmBRN
E0FdOWtJBgWxpXXgV6nIVsMbhv00IityvLkBeOqJkijxkpfZ7X1kGXs5B5ocGP/l
1jnTfOvUuE0dZ+Cir5f7y3gxGorpHUVUrAN0ZXEzRgoQsPXUGS7Ywn9O9onLNyO5
jMhLsXgIjytXWNyX56sT5QNCsLw4qQ==
          </ds:X509Certificate>
        </ds:X509Data>
      </ds:KeyInfo>
    </md:KeyDescriptor>
    <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" index="1" Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://studyabroad.uaf.edu/Shibboleth.sso/SAML2/POST"/>
    <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" index="2" Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST-SimpleSign" Location="https://studyabroad.uaf.edu/Shibboleth.sso/SAML2/POST-SimpleSign"/>
    <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" index="3" Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://studyabroad.uaf.edu/Shibboleth.sso/SAML2/Artifact"/>
    <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" index="4" Binding="urn:oasis:names:tc:SAML:2.0:bindings:PAOS" Location="https://studyabroad.uaf.edu/Shibboleth.sso/SAML2/ECP"/>
    <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" index="5" Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://studyabroad.uaf.edu/Shibboleth.sso/SAML/POST"/>
    <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" index="6" Binding="urn:oasis:names:tc:SAML:1.0:profiles:artifact-01" Location="https://studyabroad.uaf.edu/Shibboleth.sso/SAML/Artifact"/>
  </SPSSODescriptor>
  <Organization>
    <OrganizationName xml:lang="en">Terra Dotta, LLC</OrganizationName>
    <OrganizationDisplayName xml:lang="en">Terra Dotta, LLC</OrganizationDisplayName>
    <OrganizationURL xml:lang="en">http://www.terradotta.com/</OrganizationURL>
  </Organization>
  <ContactPerson contactType="technical">
    <GivenName>Jason Johnson</GivenName>
    <EmailAddress>jasonj@terradotta.com</EmailAddress>
  </ContactPerson>
</EntityDescriptor>

2011-08-09 05:41:57 PM EDT [Tim Wojoski] :

[Recipients: Erica Keiko Iseri, David Bantz, Unknown iam@alaska.edu]

Hi David,

Here are the high-level phases for the project:

1.1. Technical Kickoff Meeting
1.1.1. Determine Mechanisms for Integrations (Shibboleth, Deferred-fetch, LDAP query for HR)
1.2. Discuss and Agree on Required Data Fields (Internal)
1.3. SIS Integration
1.3.1. Create Data Extract (Internal)
1.3.2. Create Job to Update Data (Internal)
1.3.3. Configure SSH file transfer routine to push that data file to the hosted server (PuttyGen for Certs)
1.3.4. Set Up StudioAbroad to Access Data
1.3.5. Set Up Mappings Between StudioAbroad and Data
1.4. Campus Login Integration
1.4.1. Set Up Authentication Mechanism
1.4.2. Test Combined Login and SIS Integrations

As the first step, we can move forward with testing the connection of the SSH directory. Our server administrators have posted instructions on generating the shared keys we need to establish the connection. Please post the public cert to this case once it has been made available.

We are waiting for your Shibboleth resource to become available on 8/15/11 before proceeding with that step.

I will be providing a more formal project plan in the coming days.

Regards, Tim


2011-09-22 verified that Colleen Abrams is working on providing an extract for this app;
OIT [presumably EAS] will need to make this extract available on an SFTP site.