Do you want to test your own metadata to see whether or not it meets the testable elements of Baseline Expectations? Read on to find out how to do just that.
If your metadata does not meet Baseline Expectations, InCommon will send your InCommon Site Administrators and InCommon Executive an email once a month to let them know what elements are not aligned with Baseline Expectations. Your Site Administrator(s) can then access the InCommon Federation Manager and update your metadata as needed. If you want to look at metadata the following business day (InCommon publishes Metadata once per Internet2 business day) to evaluate the impact of your changes, you can do that using the procedure below. You can use this procedure to check the status of your SAML entity descriptors (or anyone else's) at any time. This is also a good way to make sure that vendors that you work with are meeting Baseline Expectations.
To run the checks yourself, you will need:
- Basic familiarity with a command line - *NIX, Windows or similar
- The ability to read a comma-delimited spreadsheet using a spreadsheet application
- Some prerequisites that you must have installed:
Follow the links for the dependencies above to get the documentation for those commands, and make sure you have them installed. Most *NIX systems will have these already installed. Once that is complete, execute the following on the command line to produce a comma-delimited spreadsheet of Baseline Expectations reports for all SAML entity descriptors in the current main InCommon metadata aggregate:
git clone https://github.internet2.edu/InCommon/md-transforms.git cd md-transforms git pull cd lib curl -O http://md.incommon.org/InCommon/InCommon-metadata.xml xsltproc baseline_report_csv.xsl InCommon-metadata.xml > report.csv
Navigate to where report.csv is located on your filesystem, and open the CSV with your spreadsheet application. Search the column "Organization Display Name" for the legal name of your organization, as listed on the InCommon organizations page.
Occasionally, we may update the XSLT - to ensure you always have the latest version, use the 'git pull' command in the md-transforms directory, as noted above.