Shibboleth Service Provider Training
This page provides all the material that was used during the Shibboleth Service Provider Training event held on March 19./20. 2014 in Zurich. The material on this page allows repeating the training. During the training participants install, register and configure a standard Shibboleth Service Provider in the AAI Test federation, which uses the same technical standards like SWITCHaai. The ultimate goal is to make participants familiar with the federated identity management, SAML and Shibboleth in particular. At the end of the training, all participants should be familiar with all basic aspects of running a Shibboleth Service Provider in SWITCHaai.
Training VM image is no longer available
The VM image is no longer available, it was outdated.
The LDAP server required by the IdP pre-configured in the image is no longer accessible.
Training VM Image
The training is performed on a virtual machine (VM), basically a VM image that can be run in Virtual Box (recommended) or VMware Player/Fusion. The image thus can be run on Windows, Mac and Linux systems.
To run the SP Training VM the following minimal requirements have to be met:
- User must have administration privileges on the laptop
- x86 processor better than Pentium 4
- 2 GByte RAM (at least 1GB free memory)
- 10 GByte free harddisk space
- Internet Connectivity
- VirtualBox (or VMWare Player) installed and fully operational.
SP Trainig at Home
The training was designed in a way that allows to repeat it at home in an autonomous way. All that is needed is the material on this page, basically the SP Training VM and the slides.
To start with the training, perform the following steps:
- Download the image Shibboleth SP Training VM image (no longer available)
- Open the Image with Virtual Box or VMWare Player/Fusion
- Run the SP Training VM to boot up the image.
- Pick a participation number between 2 - 30 (number 1 is reserved).
Use this number wherever you see a bold red # in the slides and documents. - Ideally print out the Tipps and Tricks handout for ease-of-use.
- Start reading the SP Training Hands-On slides.
Whenever there comes a "Detour" slide, there is a more detailed presentation about a related topic or service in the Documents list below.
Please note that when registering the Service Provider with the Resource Registry, you might have to wait a few minutes till a few hours until the registration is manually approved by someone from the SWITCHaai team. This in contrast to the training where this step took les than 5 minutes.
Documents
| Separate hand-out with test accounts, hints for debugging, testing and file editing. | |
| Federated Identity Management | |
| AAI Login Demo | |
| SAML Terminology & Flows | |
| Introduction to Shibboleth | |
| X.509 Certificates for SAML | |
| Resource Registry | |
| AAI Attributes | |
| Interfederation | |
| Interfederation Attributes | |
| Virtual Home Organization & Guest Login | |
| Solutions for Access Control | |
| Discovery Service Options | |
| Logout Support on SP and Application | |
| Service Provider Virtualization | |
| Shibboleth SP Error Handling | |
| Shibboleth-aware Applications | |
|
Shibboleth SP Training Hands-On
|