| Version 7 (modified by jpmitchell@…, 13 years ago) (diff) |
|---|
Shibboleth / Setup SP Relying Party
This page documents how to setup an SP's relying party configuration in the IdP.
- Check out the conf and metadata directories from the shib-svn repository.
john@fearless:~/Junk$ svn co svn+ssh://sxjpm@iron.alaska.edu/usr/local/iam/shib-svn/idp/trunk/conf A conf/service.xml ... A conf/login.config Checked out revision 1. john@fearless:~/Junk$ svn co svn+ssh://sxjpm@iron.alaska.edu/usr/local/iam/shib-svn/idp/trunk/metadata A metadata/dauntless-metadata.xml ... A metadata/unicorn3-metadata.xml Checked out revision 1.
- Add the SP's metadata to the shib-svn repository in the shib-svn/idp/metadata directory.
john@fearless:~/Junk$ cp /tmp/idmt-1-metadata.xml metadata/ john@fearless:~/Junk$ svn add metadata/idmt-1-metadata.xml A metadata/idmt-1-metadata.xml
- Add a stanza in the relying-party.xml config file to import the SP's metadata.
john@fearless:~/Junk$ vi conf/relying-party.xml ... <!-- idmt-1.alaska.edu metadata --> <MetadataProvider id="idmt-1.alaska.edu" xsi:type="ResourceBackedMetadataProvider" xmlns="urn:mace:shibboleth:2.0:metadata"> <MetadataResource xsi:type="resource:FilesystemResource" file="/opt/shibboleth-idp/metadata/idmt-1-metadata.xml" /> </MetadataProvider> ... :wq!
- Commit the new metadata file and the changed relying-party.xml file into the shib-svn repository.
john@fearless:~/Junk$ svn commit metadata/ -m "Added metadata from SP idmt-1" john@fearless:~/Junk$ svn commit conf/ -m "Added relying party config for SP idmt-1"
- Test and update the Shibboleth IdPs with the following procedure.
References:
Attachments
-
shibboleth2.xml
(7.7 KB) -
added by dabantz@… 10 years ago.
shibboleth2.xml for T2 Parking SP
