From 8a0ba95bf1b9c2ca461c0d2c6b3a1124f81eddc9 Mon Sep 17 00:00:00 2001 From: Olav Morken <olav.morken@uninett.no> Date: Thu, 1 Oct 2009 11:48:18 +0000 Subject: [PATCH] docs: Update documentation for bridging. git-svn-id: https://simplesamlphp.googlecode.com/svn/trunk@1812 44740490-163a-0410-bde0-09ae8108e29a --- docs/simplesamlphp-advancedfeatures.txt | 44 ++++++++++--------------- 1 file changed, 18 insertions(+), 26 deletions(-) diff --git a/docs/simplesamlphp-advancedfeatures.txt b/docs/simplesamlphp-advancedfeatures.txt index 6d1226291..8935185fe 100644 --- a/docs/simplesamlphp-advancedfeatures.txt +++ b/docs/simplesamlphp-advancedfeatures.txt @@ -26,32 +26,24 @@ step :) Bridging between protocols -------------------------- -A bridge between two protocols is built using both an IdP and an -SP, connected together. To let a SAML 2.0 SP talk to a Shibboleth -IdP, you build a simpleSAMLphp bridge from a SAML 2.0 IdP and a -Shibboleth SP.The SAML 2.0 SP talks to the SAML 2.0 IdP, which -hands the request over to the Shibboleth 1.3 SP, which forwards it -to the Shibboleth IdP. This is configured in the IdP hosted -metadata, and is controlled by the `auth` and `authority` -parameters. - -**Example 1. Example of bridge configuration** - -A bridge configured with a SAML 2.0 IdP and a Shibboleth 1.3 SP: In -the `saml20-idp-hosted.php` metadata you configure the -authentication to use Shibboleth 1.3 SP like this: - - 'auth' => 'shib13/sp/initSSO.php', - 'authority' => 'shib13' - -As no specific Shibboleth IdP is specified as parameter to the -`initSSO.php` script, the discovery service page will be shown. If -you want to connect the SAML 2.0 IdP to a specific Shibboleth 1.3 -IdP, give the entity id as a parameter to the `initSSO.php` -script: - - 'auth' => 'shib13/sp/initSSO.php?idpentityid=shib13idp.example.org', - 'authority' => 'shib13' +A bridge between two protocols is built using both an IdP and an SP, connected together. +To let a SAML 2.0 SP talk to a SAML 1.1 IdP, you build a simpleSAMLphp bridge from a SAML 2.0 IdP and a SAML 1.1 SP. +The SAML 2.0 SP talks to the SAML 2.0 IdP, which hands the request over to the SAML 1.1 SP, which forwards it to the SAML 1.1 IdP. + +If you have followed the instructions for setting up an SP, and have configured an authentication source, all you need to do is to add that authentication source to the IdP. + +**Example of bridge configuration** + +In `metadata/saml20-idp-hosted.php`: + + 'auth' => 'default-sp', + +In `config/authsources.php`: + + 'default-sp' => array( + 'saml:SP', + ), + Attribute control -- GitLab