Note, this is an advanced configuration feature. Most deployments can rely on the |
Indicated by type="Shib1"
, this initiator supports Shibboleth 1.x authentication requests, an extension of the SAML 1.1 standard. As a protocol handler, an entityID must be specified/known, which is then used to check for metadata with an <md:IDPSSODescriptor>
role supporting Shibboleth 1.x. The absence of either causes a warning to be logged and the handler otherwise ignores the request.
A "supporting" IdP's role element has a protocolSupportEnumeration
attribute containing the value "urn:mace:shibboleth:1.0"
, with an accompanying <md:SingleSignOnService>
with a Binding
of "urn:mace:shibboleth:1.0:profiles:AuthnRequest"
.
The following can be provided via the Initiator Protocol
There are no protocol specific parameters