...
- Change the entityID attribute located in the <ApplicationDefaults> element to one that's appropriate for your service. An https:// URL is recommended, ideally containing a logical DNS hostname associated with your service that will not change over time as physical servers do. See the EntityNaming topic for more on this concept.
- Change the homeURL attribute (if available) to the best landing spot in the event that users end up at your site without a more specific URL. This should be an absolute URL.
- Customize the various HTML error templates and error properties specified in the <Errors> element. Obviously the software will still run if you skip this, but frankly if you don't do it up front there's a decent chance you won't do it later, and that looks bad for you and the software project as a whole. At least provide a suitable email address in the supportContact property.
- For testing purposes, it's simplest to start with a single IdP and point the SP to it by modifying the "default" <SessionInitiator> or <SSO> element in the file. Replace the entityID attribute of that outer element with the name of the IdP to use. You will need to supply metadata for that IdP in the next step.
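
A quick way to confirm the edits above were actually made before going live. This checker is an added example, not part of the Shibboleth distribution; the sample document, its namespace, and the "root@localhost" placeholder contact are constructed assumptions.

```python
import xml.etree.ElementTree as ET
from urllib.parse import urlparse

# Constructed sample for illustration; the namespace URI is a stand-in.
SAMPLE = """<SPConfig xmlns="urn:example:sp:config">
  <ApplicationDefaults entityID="http://web01.internal/shibboleth" homeURL="/index.html">
    <Sessions>
      <SSO entityID="https://idp.example.org/idp/shibboleth">SAML2</SSO>
    </Sessions>
    <Errors supportContact="root@localhost"/>
  </ApplicationDefaults>
</SPConfig>"""

PLACEHOLDER_CONTACTS = {"", "root@localhost"}  # assumed "never customized" values


def local(tag):
    """Strip the XML namespace so the check does not depend on the schema version."""
    return tag.rsplit("}", 1)[-1]


def find(root, name):
    return next((e for e in root.iter() if local(e.tag) == name), None)


def audit(xml_text):
    """Return one finding per step in the list above that was not completed."""
    root = ET.fromstring(xml_text)
    findings = []
    app = find(root, "ApplicationDefaults")
    if app is None:
        return ["no <ApplicationDefaults> element found"]
    entity = urlparse(app.get("entityID", ""))
    if entity.scheme != "https" or not entity.hostname:
        findings.append("entityID is not an https:// URL")
    home = app.get("homeURL")  # optional attribute: only checked when present
    if home is not None and not (urlparse(home).scheme and urlparse(home).netloc):
        findings.append("homeURL is not an absolute URL")
    errors = find(root, "Errors")
    if errors is None or errors.get("supportContact", "").strip() in PLACEHOLDER_CONTACTS:
        findings.append("supportContact is missing or a placeholder")
    if not any(local(e.tag) in ("SSO", "SessionInitiator") and e.get("entityID") for e in root.iter()):
        findings.append("no IdP entityID set on <SSO> or <SessionInitiator>")
    return findings


if __name__ == "__main__":
    for finding in audit(SAMPLE):
        print("FINDING:", finding)
```

Run against the constructed sample, it reports the http:// entityID, the relative homeURL, and the placeholder support contact.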
...
Most installations will also want to:
- Adjust various session cache and session policy settings in the <SessionCache> and <Sessions> elements.
- Review and adjust the extraction and mapping of attributes to environment variables or headers using the attribute-map.xml file. For more on this, see the NativeSPAttributeAccess topic.
...