Shibboleth Identity Provider Deployment
Shibboleth IdP 3.x
For sites with IdP v2 deployments which are preparing for an upgrade to v3, the page on Considerations regarding Shibboleth IdPv3 in the Context of SWITCHaai is suggested reading. It documents the decisions and recommendations SWITCH has taken prior to writing the installation guide.
Shibboleth IdP 2.4 (legacy)
Installation and Configuration
Migration and Upgrades
Load Balancing / High Availability
Currently, we do not recommend to use Terracotta software as it will no longer be supported in IdP 3.
Also refer to the Shibboleth Wiki on https://wiki.shibboleth.net/confluence/display/SHIB2/IdPClusterIntro.
For further questions, please don't hesitate to contact firstname.lastname@example.org.
The following guide explains how an Identity Provider can be configured to allow its users to access AAI resources in other federations outside of Switzerland. For deployment instructions, have a look at the interfederation deployment guide.
- Identity Provider Certificate Rollover Guide (replacing an old with a new certificate)
- Acceptable Certificates
Attributes about Users that need to be supported
Every SWITCHaai Home Organization has to be able to provide a certain set of user attributes to resources. See the AAI Attributes page for details.
- Design guidelines for login page