Service Provider Description Editor (SPDE)
WebSharpe and Autograph both require each SP to provide a description of the services it offers and the service levels available within each service. They also require details of the attributes that the IdP must supply for a user to gain access to each service level.
Components of SP Description
- SP identifier, name, description, and location
- Services available, each specified by its name, description and location
- ServiceLevels available in each Service, and the list of attributes required to gain access to each level
Service Description Schema
Sample of SP Description
<?xml version="1.0" encoding="UTF-8"?>
<ServiceProvider xmlns="urn:mace:shibboleth:services:1.0" xmlns:ds="http://www.w3.org/2000/09/xmldsig#"
    xmlns:xenc="http://www.w3.org/2001/04/xmlenc#" xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion"
    xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
    xsi:schemaLocation="urn:mace:shibboleth:services:1.0 ServiceDescriptor.xsd">
  <ServiceProviderIdentifier>urn:au:testfed:level-1:demo.federation.org.au</ServiceProviderIdentifier>
  <ServiceProviderName xml:lang="en">Demo Federation Test Site</ServiceProviderName>
  <ServiceProviderLocation xml:lang="en">https://demo.federation.org.au</ServiceProviderLocation>
  <ServiceProviderDescription xml:lang="en">Test site for federation applications</ServiceProviderDescription>
  <Service identifier="demo">
    <ServiceName xml:lang="en">Demo</ServiceName>
    <ServiceDescription xml:lang="en">To check if IdP is fully registered</ServiceDescription>
    <ServiceLocation xml:lang="en">https://demo.federation.org.au/shibboleth/target</ServiceLocation>
    <ServiceLevel identifier="none">
      <ServiceLevelName xml:lang="en">testing idp</ServiceLevelName>
      <ServiceLevelDescription xml:lang="en">to test idp registration</ServiceLevelDescription>
    </ServiceLevel>
  </Service>
  <Service identifier="sharpejspdemo">
    <ServiceName xml:lang="en">Sharpe JSP test</ServiceName>
    <ServiceDescription xml:lang="en">Test to see the release attributes</ServiceDescription>
    <ServiceLocation xml:lang="en">https://demo.federation.org.au/SharpeJSPDemo/demo.jsp</ServiceLocation>
    <ServiceLevel identifier="gold">
      <ServiceLevelName xml:lang="en">Gold Access</ServiceLevelName>
      <ServiceLevelDescription xml:lang="en">need 3 attributes</ServiceLevelDescription>
      <md:RequestedAttribute Name="urn:mace:dir:attribute-def:eduPersonAffiliation"
          FriendlyName="your affiliation" isRequired="true"/>
      <md:RequestedAttribute Name="urn:mace:dir:attribute-def:eduPersonNickname"
          FriendlyName="your nickname" isRequired="true"/>
      <md:RequestedAttribute Name="urn:mace:dir:attribute-def:sn"
          FriendlyName="surname" isRequired="true"/>
    </ServiceLevel>
    <ServiceLevel identifier="silver">
      <ServiceLevelName xml:lang="en">Silver Access</ServiceLevelName>
      <ServiceLevelDescription xml:lang="en">need 2 attributes</ServiceLevelDescription>
      <md:RequestedAttribute Name="urn:mace:dir:attribute-def:eduPersonAffiliation"
          FriendlyName="your affiliation" isRequired="true"/>
      <md:RequestedAttribute Name="urn:mace:dir:attribute-def:eduPersonNickname"
          FriendlyName="your nickname" isRequired="true"/>
    </ServiceLevel>
    <ServiceLevel identifier="bronze">
      <ServiceLevelName xml:lang="en">Bronze Access</ServiceLevelName>
      <ServiceLevelDescription xml:lang="en">need 1 attribute</ServiceLevelDescription>
      <md:RequestedAttribute Name="urn:mace:dir:attribute-def:eduPersonAffiliation"
          FriendlyName="your affiliation" isRequired="true"/>
    </ServiceLevel>
  </Service>
</ServiceProvider>
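As an added example (not part of this page or of the ShARPE/Autograph code), the following Python reads an SP description in the schema above and works out which service levels a given IdP attribute release would satisfy, so an IdP administrator can see the least set of attributes a level actually needs. The XML excerpt is constructed from the sample, with one isRequired="false" attribute added to the bronze level to show how an optional attribute is treated.

```python
import xml.etree.ElementTree as ET

# Namespaces used by the SP description schema and the SAML 2.0 metadata element it borrows.
NS = {
    "sp": "urn:mace:shibboleth:services:1.0",
    "md": "urn:oasis:names:tc:SAML:2.0:metadata",
}

# Constructed excerpt of the sample above; the bronze level here carries one
# optional (isRequired="false") attribute, which the page's sample does not show.
SAMPLE_SPD = """<ServiceProvider xmlns="urn:mace:shibboleth:services:1.0"
    xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata">
  <ServiceProviderIdentifier>urn:au:testfed:level-1:demo.federation.org.au</ServiceProviderIdentifier>
  <Service identifier="sharpejspdemo">
    <ServiceLevel identifier="gold">
      <md:RequestedAttribute Name="urn:mace:dir:attribute-def:eduPersonAffiliation" isRequired="true"/>
      <md:RequestedAttribute Name="urn:mace:dir:attribute-def:eduPersonNickname" isRequired="true"/>
      <md:RequestedAttribute Name="urn:mace:dir:attribute-def:sn" isRequired="true"/>
    </ServiceLevel>
    <ServiceLevel identifier="bronze">
      <md:RequestedAttribute Name="urn:mace:dir:attribute-def:eduPersonAffiliation" isRequired="true"/>
      <md:RequestedAttribute Name="urn:mace:dir:attribute-def:eduPersonNickname" isRequired="false"/>
    </ServiceLevel>
  </Service>
</ServiceProvider>"""


def parse_service_levels(xml_text):
    """Map (service id, level id) -> {"required": set, "optional": set} of attribute names."""
    root = ET.fromstring(xml_text)
    levels = {}
    for service in root.findall("sp:Service", NS):
        for level in service.findall("sp:ServiceLevel", NS):
            required, optional = set(), set()
            for attr in level.findall("md:RequestedAttribute", NS):
                # A missing isRequired is treated as optional, as SAML metadata does.
                if attr.get("isRequired", "false").lower() == "true":
                    required.add(attr.get("Name"))
                else:
                    optional.add(attr.get("Name"))
            levels[(service.get("identifier"), level.get("identifier"))] = {
                "required": required, "optional": optional}
    return levels


def accessible_levels(levels, released):
    """Levels whose required attributes are all in the release set; optional ones never gate access."""
    released = set(released)
    return sorted(key for key, spec in levels.items() if spec["required"] <= released)
```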
Integration of SPD schema to SAML 2.0 format
SPD has been designed to align with SAML 2.0, so integrating it into future Shibboleth metadata should be straightforward. That integration is currently in progress.
Installation of SPDE
A very basic web application for editing SP Descriptions is available. Its GUI will be substantially revised at a later stage, but it is already fully functional in its current simple form. Feel free to test it.
The SP Description Editor is now bundled with ShARPE. Please install ShARPE to review this tool.
Loading existing XML
- browse for the XML file (for example, SP1.xml)
- edit as necessary
- click Generate XML when done, and save the resulting XML file
How to create new SP Description XML
Note: after every action, click "Update SP Description" in the GUI.
- Load the SP Description Editor
- create a New SP Description
- enter the details of
  - SP Identifier: the identifier of this SP as known by the IdP or federation, in the form of a URI
  - SP Name: any friendly name for this SP
  - SP Location: the URL of this SP
  - SP Description: a description that helps IdP members understand the SP
- create the Service (or Product) details as necessary for this SP
- again, enter the details of the Service
- each Service may offer different Service Levels to its users. Create them.
- for a user to gain access to a ServiceLevel of a particular Service, the user needs to know which attributes that ServiceLevel requires. Identify the required attributes for the service level, indicate whether each attribute is optional or must be supplied, and if necessary list the acceptable values for the attribute.
  - Name: the name of the attribute, e.g. "urn:mace:dir:attribute-def:eduPersonAffiliation" or "urn:au:testfed:level-1:e-snail-mail"
  - FriendlyName: an alternative, easy-to-remember name for this attribute, e.g. "affiliation" or "e-mail"
  - scope: some applications require attributes to be scoped; providing a scope makes all values specified for this attribute carry that scope.
  - isRequired: does the IdP member really need to supply this attribute?
  - Value: a comma-separated list of acceptable values, e.g. "staff, member" or "username@federation.org.au"
- When finished, click "Generate XML", which produces the complete XML description of the SP you have entered.
- Save it to an XML file (with any name). This file is ready to be used by Sharpe or loaded into federation registries.
Resources
-- BrucLiong - 16 Feb 2006