InC-Lib-Vendor

[David Kennedy <>]

This format is documented under our Best
Practices as Identity Provider SSO.

It is a format of WAYFless url, that
requires some of the SP metadata and IdP metadata to be included in the
WAYFless URL itself.

Regardless of the format, this still
requires proper configuration at both endpoints, the IdP and the SP.

In my limited experience in this arena,
I have found that configuration management is simpler for SPs if the IdP
configurations are included in federation metadata.  When I was at
UMD and running several IdPs across a consortium that were not registered
with InCommon, I found that this was a blocker for some SPs, they were
not equipped to deal with IdP metadata from individual institutions, rather
they dealt with federation metadata.  Granted, this was two years
ago, but I still think that the prerequisite that Andy put in the document
(at the beginning of this thread) should remain.

Dave

-----
David Kennedy
Application Developer
Perkins Library, Duke University
(919) 613-6831

From:	"Kent Percival" <>
To:	"'Foster Zhang'" <>, <>, "'inc-lib-vendor'" <>
Date:	10/22/2009 10:23 PM
Subject:	RE: [InC-Lib-Vendor] First stab at Shib/EZproxy how-to document

---

Foster,
I'm lost  ... I don't recall this specific format nor what it does,
being
directed at the Identity Provider. 

Actually my technical people mumbled something about only SAML2 and not
needed
when the SP and IdP are properly configured to know each other, as would
be the
case for subscribed services.

....Kent
 _


> -----Original Message-----
> From: Foster Zhang []
> Sent: October 22, 2009 11:06
> To: ; inc-lib-vendor
> Subject: RE: [InC-Lib-Vendor] First stab at Shib/EZproxy how-to document
> 
> Steven,
> 
> https://shibboleth.johnshopkins.edu/shibboleth-
>
idp/SSO?shire=https%3A%2F%2Fpqshibboleth.proquest.com%3A9443%2FShibboleth.sso%2F
SA
>
ML%2FPOST&time=1249052380&target=https%3A%2F%2Fpqshibboleth.proquest.com%3A9443
>
%2Fpqdweb&providerId=https%3A%2F%2Fpqshibboleth.proquest.com%3A9443%2Fshibboleth
> 
> do not know if I name it correctly.
> 
> Foster
> 
> -----Original Message-----
> From:  []
> Sent: Thursday, October 22, 2009 10:17
> To: inc-lib-vendor
> Subject: RE: [InC-Lib-Vendor] First stab at Shib/EZproxy how-to document
> 
> At 9:25 AM -0400 10/22/09, Foster Zhang wrote:
> >Andy,
> >
> >If you set up a shib wayfless url from Information Provider that
> >hardcoded the IdP info, you do not have to be a member of a
> >federation to use it.
> >
> 
> could someone define this term for me: "shib wayfless url from
> Information Provider", and give an example?
> 
> thanks!