By far the easiest integration is to use Seamless Access service as a standard SAML identity provider discovery service (DS). The DS URL is https://service.seamlessaccess.org/ds - you will use this URL in your SPs configuration where appropriate. Here is how to do this for two common SP software stacks:
In the file /etc/shibboleth/shibboleth.xml modify the SSO element to read:
<SSO discoveryProtocol="SAMLDS" discoveryURL="https://service.seamlessaccess.org/ds/"> SAML2 </SSO> |
For a complete set of options related to discovery see the shibboleth documentation.
In authsources.php (relative to the SSP config directory) find your SAML authentication source (often named ‘default-sp’) and set the discoURL parameter to https://service.seamlessaccess.org/ds/:
'default-sp' => array(
'saml:SP',
'entityID' => NULL,
'discoURL' => 'https://service.seamlessaccess.org/ds/',
....
),
|
For more details visit the SSP documentation.
<< Limited Integration | Standard Integration >>