Has anyone who has tested Athens access done so by staying in the sdss
federation and joining the Athens federation at the same time. I'm
trying to test accessing by being in both federations at the same time.
I'm testing with a 1.3 IdP and am encountering problems, I can't find
any "how to do multiple federations" guides to help.
Does anyone have any pointers as to how your IdP.xml file should look?
At present I have set it so I have several relying parties:
<RelyingParty name="urn:mace:ac.uk:sdss.ac.uk:federation:sdss"
schemaHack="true"
providerId="urn:mace:ac.uk:sdss.ac.uk:provider:identity:lock.ncl.ac.uk"
signingCredential="sdss_cred"><NameID nameMapping="shm"/></RelyingParty>
<RelyingParty
name="urn:mace:eduserv.org.uk:athens:federation:uk"
providerId="urn:mace:eduserv.org.uk:athens:provider:ncl.ac.uk"
signingCredential="athens_cred"><NameID
nameMapping="shm"/></RelyingParty>
And several metadataproviders
<MetadataProvider
type="edu.internet2.middleware.shibboleth.metadata.provider.XMLMetadata"
uri="file:/usr/local/shibboleth-idp/etc/sdss-sites-13.xml"/>
<MetadataProvider
type="edu.internet2.middleware.shibboleth.metadata.provider.XMLMetadata"
uri="file:/usr/local/shibboleth-idp/etc/athens-sites.xml"/>
but when I try the gateway it gives an error message and my IdP has the
following in the logs:
Could not locate Relying Party configuration for
(urn:mace:eduserv.org.uk:athens:federation:uk). Using default Relying
Party: (urn:mace:ac.uk:sdss.ac.uk:federation:sdss).
No metadata found for provider:
(urn:mace:eduserv.org.uk:athens:federation:uk).
Any pointers as to how to configure multiple federations in an IdP?
Caleb Racey, Webteam, ISS
University of Newcastle upon Tyne
|