
Federation Technical Guide

Precursors to Technical Implementation

  • Review your practices and publish your POP
  • Install/Configure SAML 2.0 compliant federating software
  • Support the eduPerson Schema
  • Configure IdP attribute resolver for the appropriate sources
  • Configure the IdP to release the right attributes

SAML

  • What is SAML?
  • Benefits of SAML2
  • IdP Support for SAML2
  • SAML 2.0 FAQ
  • SAML 2.0 profiles
  • SP Support for SAML2

Starting with InCommon

  • Supported software
  • Shibboleth installation guides
  • Shibboleth installation training
  • Testing your IdP
  • Testing your SP
  • Establishing your EntityID
  • Registering your system in the federation: metadata
  • Establishing your primary DNS domain

Identity Attributes

  • Attribute Overview
  • InCommon Attribute Summary
  • eduPerson Schema

Federation Manager

  • Getting credentials to access federation manager
  • Using the federation manager

Metadata

  • General Information
  • Metadata administration
    • IdP Metadata Elements
    • SP Metadata Elements
    • InCommon Metadata Schema
    • Contacts in Metadata
    • Endpoints in Metadata
    • Entity IDs
    • Error Handling URL
    • New IdPs in Metadata
    • Scope in metadata
    • X.509 certificates in metadata
  • Metadata consumption
  • User interface elements

Discovery

  • General Information
  • Configuring metadata for discovery
  • Configuring SAML SP software
  • Discovery service FAQ
  • Configuring Shibboleth for InCommon Discovery Service

Service Providers

  • Install/operate/manage SAML SP software
  • Connect services to be federated to the software and enable them to use incoming attributes to control access
  • Add SP information to metadata
  • Configure SP to use federation metadata and credentials and refresh
  • Document how SP could authorize users, given the provided attributes
  • Document how your application could use the supplied attributes in alternative ways, such as for customization or form completion

Advanced

Recommended Practices

  • Organizational Presence
    • POP
    • Contacts in Metadata
    • Federated Security Incident Response
  • Technical Basics
    • Metadata consumption (refreshed daily)
    • Scope in Metadata (DNS domain controlled by SP)
    • X.509 certificates in metadata
    • How better attribute management helps federation

User Consent

  • Requested attributes

Research and Scholarship Category

  • What is a category of Service Providers?
  • Candidate services
  • Requirements for R&S Service Providers
  • R&S Category Attributes
  • Policy considerations for IdPs
  • FAQ for IdPs