...
As an intermediate step, you may want to see whether it’s possible to log into your IDP at all. There’s a relatively simple script at http://www.cilogon.org/ecp called testecp.sh . Note that for IDP 3, all the test scripts have been modified to set the content type header to text/xml. This is because curl by default will set an inappropriate content type application/x-www-form-urlencoded) that IDP 2 would tolerate, but IDP 3 will not. If you want to use testecp.sh to see whether you can log into the IDP before setting up the metadata related to SPs, you will need to make a few (possibly temporary) changes to your configuration. To make your IDP "open," you can edit the conf/relying-party.xml file to support an UnverifiedRelyingParty.
...