...
- Change the
entityID
on the<ApplicationDefaults>
element tohttps://sp.machine/shibboleth
. This is your SP's name. - Change the
entityID
on the<SSO>
element tohttps://idp.machine/idp/shibboleth
. This is your IdP's name, and will send users directly to your IdP's login service (via the location specified in its metadata). - Uncomment the remotely maintained metadata example
<MetadataProvider>
. This will describe the IdP to your SP. Change theuri
to point tohttp://idp.machine/idp/profile/Metadata/SAML
. Delete or comment out the<SignatureMetadataFilter>
element, because the metadata will be unsignedboth of theĀ<MetadataFilter>
elements as they will not allow the metadata being loaded from the IdP host to work.
SP: shibd.logger
: Set DEBUG
logging using log4j.rootCategory=DEBUG, shibd_log
.
...
- Uncomment the
MetadataProvider reading metadata from a URL
. Change themetadataURL
tohttp://sp.machine/Shibboleth.sso/Metadata
. This will describe a basic SP to your IdP; for more advanced deployments, you'll need to hand-edit that metadata to matchreflect more advanced use cases. - Comment out the
MetadataFilter
element contained in theMetadataProvider
element. The metadata is unsigned, so this filter would cause the metadata to fail to load.
...