#192 Integration with Sibboleth
Closed: Fixed None Opened 6 years ago by rcritten.

Test interoperability with mod_shib as an SP.


I built from scratch rather than trying to build from one of their srpms which I noticed too late.

I also had to build opensaml-2.5.5.tar.gz and xmltooling-1.5.5.tar.gz. I used the current Fedora latest SRPMs for these and just tweaked the n-v-r. I had to mess with the docs in xmltooling but it was no big deal.

I found the Shib docs rather confusing getting started with an SP because it quickly gets into the weeds of what each option means. There was no quick start that I saw. I ended up using https://itservices.stanford.edu/service/shibboleth/sp to get going.

The logout URL is /Shibboleth.sso/Logout by default.

owner: => rcritten
status: new => accepted

If you want to be redirected on logout to some site outside the secure area send the user to /Shibboleth.sso/Logout?return=https://sp.example.com/logged_out.html or something like that.

I only tested the auto-generated SP metadata and tested with signing both true and false.

Going to mark this as complete.

resolution: => fixed
status: accepted => closed
type: defect => task

Metadata Update from @rcritten:
- Issue assigned to rcritten
- Issue set to the milestone: 1.2

5 years ago

Login to comment on this ticket.