This is a summary of the primary changes required to the initial configuration of the SP software (in shibboleth2.xml, unless otherwise noted). These changes apply generically to any of the platforms and web servers, and are supplemented by additional work specific to the web server you're using.
entityID
attribute located in the <ApplicationDefaults>
element to one that's appropriate for your service. An https://
URL is recommended, ideally containing a logical DNS-derived name associated with your service that will not change over time as physical servers do. See the EntityNaming topic for more on this concept.<Errors>
element. The software will still run if you skip this, but you should at least provide a suitable email address in the supportContact
property.entityID
property in the <SSO>
element. You will need to supply metadata for that IdP in the next step. Note that this has the same property name as the one mentioned above, but it's the opposite. This setting names the IdP to use, whereas the one in the first step names the SP you're setting up.<MetadataProvider>
elements. There are a few common scenarios for acquiring metadata:Most installations will also want to:
<Sessions>
element.Review and adjust the extraction and mapping of attributes to environment variables or headers using the attribute-map.xml file. For more on this, see the Attribute Access topic.
Possible next steps: