Note that SPs running Shib2 DO NOT NEED TO WAIT for the WAYF to be DS-ised
to test this. By default they will be installed with a SessionInitiator
(call Login) to allow them to specify a given entity Id.
If any IdPs out there want to test against a given SP I might be able to
help them - just send me mail. I have a VM which might help but I don't
want it to end up being used too heavily and if I publicise its address here
then I know that in 3 months someone will have baked it into their flows and
then I'll need to support it...
Rod
----- Original Message -----
From: "Sara Hopkins" <[log in to unmask]>
To: <[log in to unmask]>
Sent: Wednesday, December 02, 2009 5:05 PM
Subject: Re: The eduPersonTargetedID and Shibboleth 2
> Rhys Smith wrote:
>
>> I've switched our IdP from 1.x to 2.x a while ago and haven't hit any
>> problems. That being said, if the user is sent via the UK fed WAYF, I
>> believe the IdP and SP will end up talking SAML1 even if they're both
>> Shib 2.x entities, since the WAYF only supports SAML1 - SAML2 will be an
>> option when the new DS code goes live on it (someone (Rod!) correct me if
>> I'm wrong on this). So there might still be services out there that
>> haven't been "thoroughly" tested with this (where thoroughly = lots of
>> people talking SAML2 to that service)...
>
> You are correct, both about the current WAYF and the new DS.
>
> Sara
> --
> Sara Hopkins
> SDSS Support Team
> EDINA, University of Edinburgh
>
> The University of Edinburgh is a charitable body, registered in Scotland,
> with registration number SC005336.
|