From ac8fa08c14975ee5954dd22dd366da03bfb59cde Mon Sep 17 00:00:00 2001 From: Jaime Perez Crespo <jaime.perez@uninett.no> Date: Thu, 9 Jun 2016 11:54:17 +0200 Subject: [PATCH] Remove references to the OpenIdP in the documentation. --- docs/simplesamlphp-reference-idp-remote.md | 19 --------- docs/simplesamlphp-sp.md | 49 +++++++++------------- 2 files changed, 19 insertions(+), 49 deletions(-) diff --git a/docs/simplesamlphp-reference-idp-remote.md b/docs/simplesamlphp-reference-idp-remote.md index c8416f53e..c4088531b 100644 --- a/docs/simplesamlphp-reference-idp-remote.md +++ b/docs/simplesamlphp-reference-idp-remote.md @@ -212,25 +212,6 @@ Shibboleth 1.3 options : *Note*: This option only works with the `saml:SP` authentication source. - -Examples --------- - -### Configuration for openidp.feide.no ### - - <?php - $metadata['https://openidp.feide.no'] = array( - 'name' => array( - 'en' => 'Feide OpenIdP - guest users', - 'no' => 'Feide Gjestebrukere', - ), - 'description' => 'Here you can login with your account on Feide RnD OpenID. If you do not already have an account on this identity provider, you can create a new one by following the create new account link and follow the instructions.', - 'SingleSignOnService' => 'https://openidp.feide.no/simplesaml/saml2/idp/SSOService.php', - 'SingleLogoutService' => 'https://openidp.feide.no/simplesaml/saml2/idp/SingleLogoutService.php', - 'certFingerprint' => 'c9ed4dfb07caf13fc21e0fec1572047eb8a7a4cb', - ); - - Calculating the fingerprint of a certificate -------------------------------------------- diff --git a/docs/simplesamlphp-sp.md b/docs/simplesamlphp-sp.md index b54441a92..509df2d2e 100644 --- a/docs/simplesamlphp-sp.md +++ b/docs/simplesamlphp-sp.md 
@@ -69,9 +69,9 @@ The service provider you are configuring needs to know about the identity provid This is a minimal example of a `metadata/saml20-idp-remote.php` metadata file: <?php - $metadata['https://openidp.feide.no'] = array( - 'SingleSignOnService' => 'https://openidp.feide.no/simplesaml/saml2/idp/SSOService.php', - 'SingleLogoutService' => 'https://openidp.feide.no/simplesaml/saml2/idp/SingleLogoutService.php', + $metadata['https://example.com'] = array( + 'SingleSignOnService' => 'https://example.com/simplesaml/saml2/idp/SSOService.php', + 'SingleLogoutService' => 'https://example.com/simplesaml/saml2/idp/SingleLogoutService.php', 'certFingerprint' => 'c9ed4dfb07caf13fc21e0fec1572047eb8a7a4cb', ); @@ -98,7 +98,7 @@ This is the `idp` option. * The entity ID of the IdP this should SP should contact. * Can be NULL/unset, in which case the user will be shown a list of available IdPs. */ - 'idp' => 'https://openidp.feide.no', + 'idp' => 'https://idp.example.com', ), ); 
@@ -106,32 +106,21 @@ This is the `idp` option. Exchange metadata with the IdP ------------------------------ -If you do not have an IdP yourself, you could use the Feide OpenIdP to test your Service Provider. -The metadata for Feide OpenIdP is already included in the metadata distributed with SimpleSAMLphp. - -In order to complete the connection between your SP and Feide OpenIdP, you must add the metadata for your SP to the IdP. -The metadata for your SP can be found on the `Federation`-tab. -Copy the SAML 2.0 XML Metadata document automatically generated by SimpleSAMLphp, and go to the OpenIdP Metadata Self-Service Registry: - - * [Feide OpenIdP Metadata Self-Service Registry](https://openidp.feide.no/simplesaml/module.php/metaedit/index.php) - -You need to login with an OpenIdP account to authenticate (you can create a new account if you do not have one already). -Next, click the link 'Add from SAML 2.0 XML metadata', and paste in your SAML 2.0 XML Metadata. -After clicking the 'Import metadata' button, you will be presented with a form where you can edit your metadata. -You can check that your metadata was parsed correctly by looking at the 'SAML 2.0' tab. -The textfields for AssertionConsumerService and SingleLogoutService should contain two URLs: - -`AssertionConsumerService` -: `https://sp.example.org/simplesaml/module.php/saml/sp/saml2-acs.php/default-sp` - -`SingleLogoutService` -: `https://sp.example.org/simplesaml/module.php/saml/sp/saml2-logout.php/default-sp` - -After checking your metadata, give your SP a proper name and description and click 'save'. - -The procedure for managing trust in federations differ, but the common part is that you would need to provide the *SAML 2.0 metadata -of your SP*, and register that with the federation administration. - +In order to complete the connection between your SP and an IdP, you must exchange the metadata of your SP with the IdP. 
+The metadata of your SP can be found in the *Federation* tab of the web interface. Copy the SAML 2.0 XML Metadata document +automatically generated by SimpleSAMLphp and send it to the administrator of the IdP. You can also send them the dedicated +URL of your metadata, so that they can fetch it periodically and obtain automatically any changes that you may perform to +your SP. + +You will also need to add the metadata of the IdP. Ask them to provide you with their metadata, and parse it using the *XML to +SimpleSAMLphp metadata converter* tool available also in the *Federation* tab of the web interface. Copy the resulting +parsed metadata and paste it with a text editor into the `metadata/saml20-idp-remote.php` file in your SimpleSAMLphp +directory. + +If you intend to add your SP to a federation, the procedure for managing trust in federations differ, but the common part is +that you would need to provide the *SAML 2.0 metadata of your SP*, and register that with the federation administration. +You will probably be required too to consume the federation metadata periodically. Read more about +[automated metadata management](simplesamlphp-automated_metadata) to learn more about that. Test the SP -- GitLab
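Review bot: in docs/simplesamlphp-reference-idp-remote.md, the hunk at @@ -212,25 deletes the whole "Examples" section rather than neutralising it, so the reference page no longer shows a complete remote-IdP entry. The same patch keeps the example in docs/simplesamlphp-sp.md and only swaps the host for example.com. Consider doing the same here: keep the section with a placeholder entity ID, placeholder endpoints and a placeholder `certFingerprint`, so readers can still see how `name`, `description`, `SingleSignOnService` and `SingleLogoutService` fit together.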
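Review bot: in the @@ -69,9 hunk of docs/simplesamlphp-sp.md, the unchanged context line `'certFingerprint' => 'c9ed4dfb07caf13fc21e0fec1572047eb8a7a4cb',` carries the same value as the openidp.feide.no example this patch removes from simplesamlphp-reference-idp-remote.md, so the new example.com entry still pins the OpenIdP certificate. Readers copy this block as a starting point, so replace the value with an obviously fake placeholder and state that it must be the fingerprint of the certificate their own IdP actually uses.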
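Review bot: in the @@ -98,7 hunk, the added `'idp' => 'https://idp.example.com',` does not match the entity ID `https://example.com` that the @@ -69,9 hunk uses as the `$metadata[...]` key, so a reader who copies both snippets gets an SP that points at an IdP with no metadata entry. Use one entity ID in both places. The comment just above the changed line also reads "this should SP should contact", which is worth fixing while this block is being touched.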
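Review bot: the added paragraph beginning "You will also need to add the metadata of the IdP" in the @@ -106,32 hunk tells the reader to paste the converted metadata into `metadata/saml20-idp-remote.php` without saying how to confirm that it is authentic. That file determines which endpoints and which certificate the SP trusts, so add a sentence asking readers to obtain the IdP metadata over a channel they trust, or to confirm the certificate fingerprint with the IdP administrator separately. The hunk also drops the expected `AssertionConsumerService` and `SingleLogoutService` URLs that let a reader sanity-check the generated SP metadata before sending it; consider keeping them in the new text. On wording, "the procedure for managing trust in federations differ" should read "differs", "You will probably be required too to consume" is awkward, and "Read more about ... to learn more about that" repeats itself.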