Creating an SSO Profile in Shibboleth

Creating an SSO Profile in Shibboleth

Walk through creating a client reference in Shibboleth.

Client must provide their Entity ID and the URL to their metadata XML file. If they need fields other than the defaults (eppn, givenName, sn, email) then those must be provided as well.

I'll use University of Wisconsin - Milwaukee as an example.

IdP entityID: ​https://idp.uwm.edu/idp/shibboleth

Metadata: ​https://wayf.uwm.edu/metadata/uwm-idp-metadata.xml

  1. Make a backup copy of C:\opt\shibboleth-sp\etc\shibboleth\shibboleth2.xml
  2. Open shibboleth2.xml for editing in Administrative mode with Notepad++
  3. Add a new child element to SPConfig/RequestMapper/RequestMap/Host/Path/Path/ for the client's handle and EntityId
  4. Add a new //MetadataProvider element for the client's XML metadata
  5. Save the file
  6. If the client has non-default field mappings
    1. backup C:\opt\shibboleth-sp\etc\shibboleth\attribute-map.xml
    2. open attribute-map.xml
    3. Add a new unique //Attribute element to the bottom, this example is from TAMU
    4. Then map this field to our field in F:\websites\sso\App_Data\attributeOverride.json. Here is the corresponding override for TAMU: 1. { "handles": [ "tamu" ], "overrides": { "Id": "tamuEduPersonUIN" } }
  7. Restart the Shibboleth 2 Daemon service.
  8. Test out the new SSO Url.

    • Related Articles

    • Creating an SSO Profile in Shibboleth

      Walk through creating a client reference in Shibboleth. Client must provide their Entity ID and the URL to their metadata XML file. If they need fields other than the defaults (eppn, givenName, sn, email) then those must be provided as well. I'll use ...

    • Example SSO Email To Client

      Subject: Comevo SSO Setup Body: Hello! I will be helping you get your SSO set-up to access our Launch™ Online Orientation service. Here is general information on our SSO ...

    • Example SSO Email To Client

      Subject: Comevo SSO Setup Body: Hello! I will be helping you get your SSO set-up to access our Launch™ Online Orientation service. Here is general information on our SSO ...

    • Creating First Campaign

      1. Enter Basic Information: Name (internal), subject, sender email and name, address recipient names 2. Email Body and Content: Choose from my templates, pre-designed templates, or basic templates 3. Preview and Test Email 4. Select Email Recipients ...

    • Creating Status Reports - needs updating

      Start, my computer, Comevo on 'evo' (T:) drive, Management, Staff, Sales Rep (choose sales rep) Go to RatioAnalysis- Ed file and fill in the total calls, demos, closes, close $ for each sales rep (the total can be found in the spreadsheet for the ...