Wisconsin Federation: Configuring your Service Provider

This document will help you set up your service provider to integrate with the Wisconsin Federation.

Overview

Some web applications need to be accessed by users of other UW-System campuses (outside of UW-Madison). This document will outline the changes you need to make to your shibboleth2.xml to make your Service Provider (SP) work with the Wisconsin Federation (WiscFed) Identity Provider (IdP). You will also have to fill out an Identity Data Integration Request Form to access UW-System identity data.

Signing Certificate

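The signing certificate for the SP can be retrieved at https://wayf.wisconsin.edu/metadata/wayf.wisconsin.edu-signing.pem. The MetadataFilter in the MetadataProvider section below references it by the file name wayf.wisconsin.edu-signing.pem to verify the signature on the federation metadata.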

Session Initiator

<SessionInitiator type="Chaining" Location="/Login" isDefault="true" id="Intranet">
    <SessionInitiator type="SAML2" acsIndex="1" template="bindingTemplate.html"/>
    <SessionInitiator type="SAMLDS" URL="https://wayf.wisconsin.edu/DS/WAYF"/>
</SessionInitiator>

MetadataProvider

<MetadataProvider type="Chaining">
    <MetadataProvider type="XML" uri="http://wayf.wisconsin.edu/metadata/wi-federation-metadata.xml"
        backingFilePath="wayf.wisconsin.edu-wi-federation-metadata.xml" reloadInterval="1800">
        <MetadataFilter type="Signature" certificate="wayf.wisconsin.edu-signing.pem"/>
    </MetadataProvider>
</MetadataProvider>

AttributeExtractor

<AttributeExtractor type="XML" validate="true"
    uri="http://wayf.wisconsin.edu/metadata/attribute-map.xml"
    backingFilePath="wayf.wisconsin.edu-attribute-map.xml" reloadInterval="1800"/>

Attribute Resolver

<AttributeResolver type="SimpleAggregation" attributeId="eppn" format="urn:oid:1.3.6.1.4.1.5923.1.1.1.6">
    <Entity>https://aa.iam.wisconsin.edu/aa/shibboleth</Entity>
    <EntityReference>eduWisconsinSPVI</EntityReference>
</AttributeResolver>
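A pre-deployment check for the elements configured above, as an added example that is not part of the original document or of the Shibboleth project: it parses a shibboleth2.xml fragment and reports malformed XML, element names in the wrong case, remote metadata without a Signature filter, and resources fetched over plain HTTP with no signature check. The function names, the ApplicationDefaults wrapper and the sample (which deliberately uses a lowercase attributeExtractor) are constructed for illustration.

```python
import xml.etree.ElementTree as ET

# Element names this page configures; XML names are case-sensitive.
KNOWN = ("SessionInitiator", "MetadataProvider", "MetadataFilter",
         "AttributeExtractor", "AttributeResolver")

def local(tag):
    """Strip an XML namespace such as {urn:...}MetadataProvider."""
    return tag.rsplit("}", 1)[-1]

def audit(xml_text):
    """Return a list of findings for a shibboleth2.xml fragment."""
    try:
        root = ET.fromstring(xml_text)
    except ET.ParseError as exc:  # e.g. open and close tags that differ in case
        return [f"not well-formed: {exc}"]
    findings = []
    for el in root.iter():
        name = local(el.tag)
        for known in KNOWN:
            if name != known and name.lower() == known.lower():
                findings.append(f"{name}: wrong case, expected {known}")
                name = known
        src = el.get("uri") or el.get("url") or ""
        if not src.startswith("http"):
            continue  # local file, or no remote source on this element
        signed = any(local(c.tag) == "MetadataFilter" and c.get("type") == "Signature"
                     and c.get("certificate") for c in el)
        if name == "MetadataProvider" and not signed:
            findings.append(f"{src}: remote metadata without a Signature filter")
        elif src.startswith("http://") and not signed:
            findings.append(f"{src}: fetched over plain HTTP with no signature check")
    return findings

# Constructed sample: the page's elements inside a wrapper root element.
SAMPLE = """<ApplicationDefaults>
  <MetadataProvider type="Chaining">
    <MetadataProvider type="XML" uri="http://wayf.wisconsin.edu/metadata/wi-federation-metadata.xml"
        backingFilePath="wayf.wisconsin.edu-wi-federation-metadata.xml" reloadInterval="1800">
      <MetadataFilter type="Signature" certificate="wayf.wisconsin.edu-signing.pem"/>
    </MetadataProvider>
  </MetadataProvider>
  <attributeExtractor type="XML" validate="true"
      uri="http://wayf.wisconsin.edu/metadata/attribute-map.xml" reloadInterval="1800"/>
</ApplicationDefaults>"""

if __name__ == "__main__":
    print("\n".join(audit(SAMPLE)))
```

On the sample, the signed federation metadata passes, while the attribute map is reported twice: once for the element name's case and once because it is downloaded over HTTP without any signature verification.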




Keywords: netid login service wisconsin federation wiscfed shibboleth sp idp system
Doc ID: 62574
Owner: Naomi S.
Group: Identity and Access Management
Created: 2016-04-07 12:23 CST
Updated: 2020-04-15 11:58 CST
Sites: Access Management Services, Identity and Access Management