From 21d599fe4c641a63a23b72acdff37eb58580f54f Mon Sep 17 00:00:00 2001 From: Olav Morken <olav.morken@uninett.no> Date: Thu, 24 Jun 2010 06:43:16 +0000 Subject: [PATCH] docs: Fix SP metadata exchange documentation. git-svn-id: https://simplesamlphp.googlecode.com/svn/trunk@2362 44740490-163a-0410-bde0-09ae8108e29a --- docs/simplesamlphp-sp.txt | 27 +++++++++++++++++---------- 1 file changed, 17 insertions(+), 10 deletions(-) diff --git a/docs/simplesamlphp-sp.txt b/docs/simplesamlphp-sp.txt index ea5c2d58f..864a14450 100644 --- a/docs/simplesamlphp-sp.txt +++ b/docs/simplesamlphp-sp.txt 
@@ -107,21 +107,28 @@ This is the `idp` option. Exchange metadata with the IdP ------------------------------ -If you do not have setup an IdP yourself, you could use the Feide OpenIdP to verify your Service Provider setup. -The metadata for Feide OpenIdP is already included in the metadata distributed with simpleSAMLphp, so you can copy the metadata from `metadata-templates` where Feide OpenIdP is included. +If you do not have an IdP yourself, you could use the Feide OpenIdP to test your Service Provider. +The metadata for Feide OpenIdP is already included in the metadata distributed with simpleSAMLphp. -But, in order to complete the connection between your SP and Feide OpenIdP, it is not sufficient that you have configured metadata for Feide OpenIdP. -Feide OpenIdP also needs to add metadata for your SP. - -Copy the SAML 2.0 XML Metadata document automcatically generated by simpleSAMLphp (as described below), and go to the OpenIdP Metadata Self-Service Registry: +In order to complete the connection between your SP and Feide OpenIdP, you must add the metadata for your SP to the IdP. +The metadata for your SP can be found on the `Federation`-tab. +Copy the SAML 2.0 XML Metadata document automatically generated by simpleSAMLphp, and go to the OpenIdP Metadata Self-Service Registry: * [Feide OpenIdP Metadata Self-Service Registry](https://openidp.feide.no/simplesaml/module.php/metaedit/index.php) -You need to login with an OpenIdP account to authenticate (you can create a new account if you do not have one already). Next, click the link 'Add from SAML 2.0 XML metadata', and paste in your SAML 2.0 XML Metadata, give it a proper name and description and click 'save'. Now you can test the SAML 2.0 Example on your SP, and try to login with Feide OpenIdP. +You need to login with an OpenIdP account to authenticate (you can create a new account if you do not have one already). +Next, click the link 'Add from SAML 2.0 XML metadata', and paste in your SAML 2.0 XML Metadata. 
+After clicking the 'Import metadata' button, you will be presented with a form where you can edit your metadata. +You can check that your metadata was parsed correctly by looking at the 'SAML 2.0' tab. +The textfields for AssertionConsumerService and SingleLogoutService should contain two URLs: + +`AssertionConsumerService` +: `https://sp.example.org/simplesaml/module.php/saml/sp/saml2-acs.php/default-sp` + +`SingleLogoutService` +: `https://sp.example.org/simplesaml/module.php/saml/sp/saml2-logout.php/default-sp` -Before you can run the test examples, you need the people running the IdP to load the metadata for your SP. -This metadata can be generated automatically. -Links to the generated metadata can be found under the `Metadata`-tab on the front page. +After checking your metadata, give your SP a proper name and description and click 'save'. Test the SP -- GitLab
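Review bot: In the added lines about checking the 'SAML 2.0' tab, "should contain two URLs" can be read as two URLs per field, while the definition list that follows gives one URL for `AssertionConsumerService` and one for `SingleLogoutService`. Suggest wording such as "should each contain a URL similar to:", plus a sentence saying that `sp.example.org` stands for the reader's own SP hostname, so the reader knows what a correct value looks like when verifying the parsed metadata. Separately, the removed closing paragraph ("you need the people running the IdP to load the metadata for your SP") was the only text in this section covering an IdP other than Feide OpenIdP; consider keeping one sentence for that case and pointing it at the `Federation`-tab, which the new text names as the place to find the SP metadata.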