October 20th, Vienna Federation Lab Identity Federations + eduGAIN
October 20th, Vienna
Federation LabIdentity Federations + eduGAIN
Federation Lab
✤ Test SAML2int Compliance useful for eduGAIN.
✤ Validate metadata – metadata is very important to eduGAIN.
✤ Test eduGAIN attributes
✤ The eduGAIN test federation
✤ Does it exists? Can it be combined with FedLab test fed?
✤ SAML tracer
✤ Web-based debugger
Testing SAML Service Providers
✤ Already working at fed-lab.org
✤ We need to improve the user experience.
✤ Difficult to trace connectivity problems now.
✤ New UI framework is in progress
✤ Common API allows testing of Oauth, SAML and OpenID Connect
✤ Plans for more advanced features: like test result change notifications, machine APIs for test infrastructures etc.
Testing SAML Service Providers
Testing Identity Providers
✤ A bit more complex
✤ Needs to traverse login screens
✤ I hope we will have to include this in the Fed Lab suite
SAML Tracer
✤ Firefox plugin
SAML Tracer
Web-based debugger
Metadata Validation
✤ Ad-hoc validation of metadata for one entity
✤ Used for debugging purposes for administrators that would quality control metadata before exporting to eduGAIN.
✤ Continuous monitoring of the MDS feed for exceptions from the policy.
✤ May be including alerts/notifications or API against monitoring systems support notifications.
Metadata validation»SAMLmetaJS
✤ Javascript editor for metadata
✤ Built-in validation supported (just started)
✤ Used by the PEER project
✤ What about preparing a validation profile customized for eduGAIN metadata profile?
Metadata validation»SAMLmetaJS
Metadata monitoring
✤ Demo generated PDF document
✤ Based upon MDS
✤ as of June 20th 2011
✤ Tons of errors :)
More tools?
✤ Any requests or requirements from eduGAIN?