Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

  1. Install and configure Java and Tomcat as webserver with TLS/SSL support, running Tomcat and the JVM as non-root user
  2. Install the Shibboleth IDP software and integrate it with Tomcat
  3. Load SAML Metadata using the eduID.at Metadata and eduID.at Metadata Verification Key
    • For new eduID.at members: Send a copy of your IDP Metadata (by default in /opt/shibboleth-idp/metadata/idp-metadata.xml) to the eduID.at Operations Team, ideally signed with your S/MIME or OpenPGP key.
  4. Configuring authentication & attribute lookup is highly somewhat site-dependent, more material may be added here over time
  5. Configure attribute release filters, including controlled, automated attribute release based on Service Categories
  6. Add support for pairwise-id ("service-specific pseudonyms") and subject-id

...