On Mon, 4 Aug 2014, at 15:48 , David J. DeWolfe? <djdewolfe@…> wrote:
David, Mark;
Here's the Tapingo meeting recap from Jared. And I have informed Jared that it's "Mark", not "Matt".
Subject: Tapingo AFB Card, IT and Shibb meeting summary Date: Mon, 4 Aug 2014 16:37:30 -0700 From: Jared Frey <jared.frey@…> To: David DeWolfe? <djdewolfe@…>, Patrick Danyo <patrick.danyo@…> CC: Yarden Sachs <yarden@…>
Hello All,
Thank you for meeting with me today. I have summarized our meeting below and have produced a few action items below. The attached IT and Card services Documents includes a more thorough description of the items needed for integration. I have also included a Shibboleth Diagram that describes the connection….
- Shibboleth information
Campus metadata located at : https://idp.alaska.edu/idp-metadata.xml
confirm
Attached is Tapingos Metadata
I notice your metadata is prefixed with the boilerplate:
This is example metadata only. Do *NOT* supply it as is without review, and do *NOT* provide it in real time to your partners.
Presumably you HAVE reviewed your metadata.
Tapingo needs the IP address of the IdP server
https://idp.alaska.edu (Note that, as per usual in SAML / Shibboleth, this site responds to requests. You cannot successfully do anything by pointing a browser to that URL!)
Tapingo needs the meta attributes names (User name, student account number, etc.)
Please see the attached attribute map with formal mapping of common UA and eduPerson attributes as they would appear in an SP’s attribute-map file.
For “User name” the likely candidate is UA Username:
<Attribute name="https://iam.alaska.edu/trac/wiki/IamUaArp#uaUsername" id="uaUsername" />
For “student account number” I think we agreed on using our Student / Employee # aka “30 million #”:
<Attribute name="https://iam.alaska.edu/trac/wiki/IamUaArp#bannerID" id="uakBannerID"/>
For a user’s name, I recommend displayName:
<Attribute name="urn:oid:2.16.840.1.113730.3.1.241" id="displayName"/>
You haven’t mentioned an email address; if needed, we should discuss the multiple options available
You can also review a list of common UA attributes described in English at: https://iam.alaska.edu/trac/wiki/IamUaArp#Attributes
<SP_attribute-map_20130712.xml>
Create a Tapingo test user for Shibboleth testing
I’ve created a user in our UA Enterprise Directory: Account seeded for numeric identifier 60094105 :
UID T5T2J29202 UA Username: uaguest_TAPingo1 UA UserID: uaguest_6583
The password will be delivered separately.