Standalone discovery (shibboleth)¶

We need to use a standalone idp discovery in our setup. If you don't have any specific requirements (like edugain in our case) you can use the one provided by clarin (http://clarin.eu/content/clarin-discovery-service).

Deploy and setup idpdiscovery.js¶

https://github.com/ufal/lindat-aai-discovery/wiki/Idp_discovery

Set shibboleth¶

The important part in shibboleth2.xml

            <!--
            Configures SSO for a default IdP. To allow for >1 IdP, remove
            entityID property and adjust discoveryURL to point to discovery service.
            (Set discoveryProtocol to "WAYF" for legacy Shibboleth WAYF support.)
            You can also override entityID on /Login query string, or in RequestMap/htaccess.
            -->
            <SSO discoveryProtocol="SAMLDS" discoveryURL="https://lindat.mff.cuni.cz/idpdiscovery/discovery.html" relayState="cookie">
              SAML2 SAML1
            </SSO>

see https://wiki.shibboleth.net/confluence/display/SHIB2/NativeSPServiceSSO or https://wiki.shibboleth.net/confluence/display/SHIB2/NativeSPSessionInitiator if more details/complex configuration is needed

Files (0)

Updated by Ondrej Kosarko over 7 years ago · 3 revisions

Project

General

Profile

Lindat Projects

Wiki

Standalone discovery (shibboleth)¶

Deploy and setup idpdiscovery.js¶

Set shibboleth¶