Versions Compared

Old Version 62

changes.mady.by.user Hong Ye

Saved on

compared with

New Version 63

changes.mady.by.user Hong Ye

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

Expand
titleGet SP's metadata
  • Restart IIS and the Shibboleth Daemon. The Shibboleth Daemon can be restarted using the Administrative Tools > Services navigation.
  • Navigate to https://yoursiteDomain/Shibboleth.sso/Metadata and download it.Open your downloaded file with text editor. Make sure the entityID is the same as your defined in shibboleth2.xml. If there are multiple sites in IIS require Shibboleth authentication and you define them in shibboleth2.xml, you need to manually add consumer service url for each site in your SP's metadata.       

 

Code Block
languagetext
titleExample
ForIn our example, I get my SP's metadata can be obtained from https://shibtest.cit.cornell.edu/Shibboleth.sso/Metadata,.  inIn the metadata there should be a line like this:

<md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://shibtest.cit.cornell.edu/Shibboleth.sso/SAML2/POST" index="1"/>

IOur example also have shibtest1.cit.cornell.edu defined in shibboleth2.xml, I need to add another AssertionConsumerService url for shibtest1.cit.cornell.edu like this:

 need to be manually added in the metadata:
<md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://shibtest1.cit.cornell.edu/Shibboleth.sso/SAML2/POST" index="2"/>
 
  • Save your metadata file. You'll need to submit your SP's metadata in shibboleth integration request form.
...