Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

See also: Discovery

Shibboleth

You will need to do three things:

Add a discovery response binding to your metadata in the <Extensions> section- e.g:

...

<Extensions>
   ...
      <idpdisc:DiscoveryResponse xmlns:idpdisc="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" Binding="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" Location="https://shibsp.yourdomain.com/Shibboleth.sso/DS" index="1"/>
   ...
</Extensions>

... then add the discovery service to your shibboleth.xml configuration file in the SSO section in place of any singular IdP definition:

...

 <SSO
     discoveryProtocol="SAMLDS" discoveryURL="https://wayfinder.openathens.net">
     SAML2 SAML1
 </SSO>

Check that your metadata now includes an <idpdisc:DiscoveryResponse> section and then have your updated metadata be picked up by each federation you are active in. How this is done can vary by federation, but you will usually have to tell them.

If you are in the OpenAthens federation you will need to add the discovery return URL to your SAML endpoints via the publisher dashboard:

  • Once you are logged in at sp.openathens.net, select your application
  • Go to the SAML endpoints tab and click the add endpoint button
  • Select discovery return URL, enter the value and click done
  • Click Save changes
  • It will take up to 15 minutes for the change to take effect

SimpleSAML.php

Set the options in authentication.php and then restart the service

  • 'discoURL'  => 'https://wayfinder.openathens.net' 
  • 'idp' => null

Check that your metadata now includes an <idpdisc:DiscoveryResponse> section and then have your updated metadata be picked up by each federation you are active in. How this is done can vary by federation, but you will usually have to tell them.

If you are in the OpenAthens federation you will need to add the discovery return URL to your SAML endpoints via the publisher dashboard:

  • Once you are logged in at sp.openathens.net, select your application
  • Go to the SAML endpoints tab and click the add endpoint button
  • Select discovery return URL, enter the value and click done
  • Click Save changes
  • It will take up to 15 minutes for the change to take effect

Include Page
_wayfinderShib
_wayfinderShib

SimpleSAML.php

Include Page
_wayfinderSimpleSAML
_wayfinderSimpleSAML

Other SP software

Add according to their instructions and then update the federation metadata as with Shib or SimpleSAML above.

Troubleshooting

No entities appear in Wayfinder

...