FreeKB - Shibboleth (IdP) Metadata
Shibboleth (IdP) - Metadata

Let's say you've got a working Shibboleth Identity Provider (IdP) and you want to add a Service Providers (SP) metadata to the IdP, so that the IdP know about the Service Provider. In /opt/shibboleth-idp/conf/metadata-providers.xml, uncomment the following. Restart Tomcat.

<MetadataProvider 
  id="LocalMetadata"
  xsi:type="FilesystemMetadataProvider"
  metadataFile="/path/to/metadata.xml"
/>

 

This assumes you have done the following.

Identity Provider (IdP)

 

Service Provider (SP)

 


Ensure the URL in ${idp_install_root}/conf/relaying-party.xml points to your IdP.

<rp:AnonymousRelyingParty provider="https://<hostname of your IdP>/idp/shibboleth" defaultSigningCredentialRef="IdpCrednetail"/>

<rp:DefaultRelyingParty provider="https://<hostname of your IdP>/idp/shibboleth" defaultSigningCredentialRef="IdpCredential"
  <rp: ProfileConfiguration . . .

 

If you've done the above steps, you should be able to view your IdP metadata at http://<hostname of your IdP>:8080/idp/shibboleth and you can view the metadata of your SP at http://<hostname of your SP>/Shibboleth.sso/metadata. You can also use the wget command on Linux to view the metadata on the command line.

wget http://<hostname of your IdP>:8080/idp/shibboleth

wget http://<hostname of your SP>/Shibboleth.sso/metadata

 



Add a Comment




We will never share your name or email with anyone. Enter your email if you would like to be notified when we respond to your comment.




Please enter b0388 in the box below so that we can be sure you are a human.




Comments

Web design by yours truely - me, myself, and I   |   jeremy.canfield@freekb.net   |