| | 1 | On Mon, 4 Aug 2014, at 15:48 , David J. DeWolfe <djdewolfe@alaska.edu> wrote: |
| | 2 | |
| | 3 | David, Mark; |
| | 4 | |
| | 5 | Here's the Tapingo meeting recap from Jared. And I have informed Jared that it's "Mark", not "Matt". |
| | 6 | |
| | 7 | |
| | 8 | -------- Original Message -------- |
| | 9 | Subject: Tapingo AFB Card, IT and Shibb meeting summary |
| | 10 | Date: Mon, 4 Aug 2014 16:37:30 -0700 |
| | 11 | From: Jared Frey <jared.frey@tapingo.com> |
| | 12 | To: David DeWolfe <djdewolfe@alaska.edu>, Patrick Danyo <patrick.danyo@tapingo.com> |
| | 13 | CC: Yarden Sachs <yarden@tapingo.com> |
| | 14 | |
| | 15 | >Hello All, |
| | 16 | |
| | 17 | >Thank you for meeting with me today. I have summarized our meeting below and have produced a few action items below. The attached IT and Card services Documents includes a more thorough description of the items needed for integration. I have also included a Shibboleth Diagram that describes the connection…. |
| | 18 | |
| | 19 | >- Shibboleth information |
| | 20 | >Campus metadata located at : https://idp.alaska.edu/idp-metadata.xml |
| | 21 | |
| | 22 | confirm |
| | 23 | |
| | 24 | >Attached is Tapingos Metadata |
| | 25 | I notice your metadata is prefixed with the boilerplate: |
| | 26 | {{{ |
| | 27 | This is example metadata only. Do *NOT* supply it as is without review, |
| | 28 | and do *NOT* provide it in real time to your partners. |
| | 29 | }}} |
| | 30 | Presumably you HAVE reviewed your metadata. |
| | 31 | |
| | 32 | >Tapingo needs the IP address of the IdP server |
| | 33 | https://idp.alaska.edu |
| | 34 | (Note that, as per usual in SAML / Shibboleth, this site responds to requests. You cannot successfully do anything by pointing a browser to that URL!) |
| | 35 | >Tapingo needs the meta attributes names (User name, student account number, etc.) |
| | 36 | Please see the attached attribute map with formal mapping of common UA and eduPerson attributes as they would appear in an SP’s attribute-map file. |
| | 37 | |
| | 38 | For “User name” the likely candidate is UA Username: |
| | 39 | <Attribute name="https://iam.alaska.edu/trac/wiki/IamUaArp#uaUsername" id="uaUsername" /> |
| | 40 | For “student account number” I think we agreed on using our Student / Employee # aka “30 million #”: |
| | 41 | <Attribute name="https://iam.alaska.edu/trac/wiki/IamUaArp#bannerID" id="uakBannerID"/> |
| | 42 | For a user’s name, I recommend displayName: |
| | 43 | <Attribute name="urn:oid:2.16.840.1.113730.3.1.241" id="displayName"/> |
| | 44 | You haven’t mentioned an email address; if needed, we should discuss the multiple options available |
| | 45 | |
| | 46 | You can also review a list of common UA attributes described in English at: |
| | 47 | https://iam.alaska.edu/trac/wiki/IamUaArp#Attributes |
| | 48 | |
| | 49 | <SP_attribute-map_20130712.xml> |
| | 50 | |
| | 51 | >Create a Tapingo test user for Shibboleth testing |
| | 52 | I’ve created a user in our UA Enterprise Directory: |
| | 53 | Account seeded for numeric identifier 60094105 : |
| | 54 | UID T5T2J29202 |
| | 55 | UA Username: uaguest_TAPingo1 |
| | 56 | UA UserID: uaguest_6583 |
| | 57 | |
| | 58 | The password will be delivered separately. |
