Information included on this page will help you to install and use Shibboleth for authentication and integration with OnePass on an Linux or Windows or other servers.
**The configuration below is for your reference only. Some parameters and paths may be different with different Shibboleth versions / sub-versions. Kindly double-check the corresponding path name/certificate name in your configuration file.
– Site id, In the ISAPI element, verify the Site id=”1″. Clicking Sites in IIS will reveal the ID assigned to this site |
– name, update the name “sp.example.org” to your website hostname |
– RequestMap, update Hostname from “sp.example.org” to your website hostname |
– Path name, update Path tags to create a path to the parts of the service that will be Shibboleth-enabled |
– ApplicationDefaults, update entityID=”sp.example.org” to the hostname, e.g. https://abc.cuhk.edu.hk/shibboleth, change REMOTE_USER=”NameID”, addsigningAlg=”http://www.w3.org/2001/04/xmldsig-more#rsa-sha256″ digestAlg=”SHA256″ |
– Sessions lifetime: update to “28800”, timeout: update to “1200” |
– SSO entityID, should be updated to OnePass entityID, the entityIDs for UAT / production environments to be provided by OnePass Support. |
– Handle type: update to “MetadataGenerator”, signing: update to “true” |
– Errors supportContact: update to a valid email address for the person managing the SP configuration |
– MetadataProvider type: update the url to OnePass UAT / Production environments that provided by OnePass Support |
For more information about the specifics of the attributes released, please contact ITSC Service Desk.