This page describes the general entity registration process and requirements for the SIFULAN Federation.

Connecting to the SIFULAN Federation

For Identity Providers:

  1. Join SIFULAN Federation
  2. Determining connection method as a new Identity Provider (IdP):
    1. For Shibboleth Identity Providers
    2. For SimpleSAMLphp

For Service Providers:

  1. Join SIFULAN Federation
  2. Connecting as a Service Provider (SP)

Identity Provider Requirements:

  • Member of SIFULAN Federation
  • A Single Sign-On system such as Shibboleth IdP or SimpleSAMLphp, and a directory service such as LDAP, AD, etc.
  • Provide, at minimum, the following attributes: 
    • displayName (urn:oid:2.16.840.1.113730.3.1.241)
    • email (urn:oid:0.9.2342.19200300.100.1.3)
    • eduPersonPrincipalName (urn:oid:1.3.6.1.4.1.5923.1.1.1.6)
    • eduPersonAffiliation (urn:oid:1.3.6.1.4.1.5923.1.1.1.1)
    • eduPersonTargetedID (urn:oid:1.3.6.1.4.1.5923.1.1.1.10)
    • organizationName (urn:oid:2.5.4.10)
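
A pre-registration check for the minimum attribute set listed above, added here as an example and not part of the SIFULAN documentation: it parses a decoded SAML 2.0 assertion and reports which required attributes are absent or released with empty values. The sample assertion and the `idp.example.org` values are constructed for illustration.

```python
import xml.etree.ElementTree as ET

NS = {"saml": "urn:oasis:names:tc:SAML:2.0:assertion"}

# Minimum attribute set from the requirements list above, keyed by OID.
REQUIRED = {
    "urn:oid:2.16.840.1.113730.3.1.241": "displayName",
    "urn:oid:0.9.2342.19200300.100.1.3": "email",
    "urn:oid:1.3.6.1.4.1.5923.1.1.1.6": "eduPersonPrincipalName",
    "urn:oid:1.3.6.1.4.1.5923.1.1.1.1": "eduPersonAffiliation",
    "urn:oid:1.3.6.1.4.1.5923.1.1.1.10": "eduPersonTargetedID",
    "urn:oid:2.5.4.10": "organizationName",
}

def attr_xml(oid, value):
    """Build one Attribute element for the constructed sample below."""
    return (f'<saml:Attribute Name="{oid}"><saml:AttributeValue>{value}'
            '</saml:AttributeValue></saml:Attribute>')

# Constructed sample: eduPersonTargetedID is missing, organizationName is empty.
SAMPLE = (
    '<saml:Assertion xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion">'
    "<saml:AttributeStatement>"
    + attr_xml("urn:oid:2.16.840.1.113730.3.1.241", "Test User")
    + attr_xml("urn:oid:0.9.2342.19200300.100.1.3", "user@idp.example.org")
    + attr_xml("urn:oid:1.3.6.1.4.1.5923.1.1.1.6", "user@idp.example.org")
    + attr_xml("urn:oid:1.3.6.1.4.1.5923.1.1.1.1", "staff")
    + attr_xml("urn:oid:2.5.4.10", "")
    + "</saml:AttributeStatement></saml:Assertion>"
)

def released_oids(assertion_xml):
    """Return the attribute Names that carry at least one non-empty value."""
    # Diagnostic use on your own test assertions only: no signature check here.
    root = ET.fromstring(assertion_xml)
    found = set()
    for attr in root.iterfind(".//saml:AttributeStatement/saml:Attribute", NS):
        values = attr.findall("saml:AttributeValue", NS)
        # eduPersonTargetedID nests a NameID element, so collect nested text too.
        if any("".join(v.itertext()).strip() for v in values):
            found.add(attr.get("Name"))
    return found

def missing_required(assertion_xml):
    """Return friendly names of required attributes not released with a value."""
    found = released_oids(assertion_xml)
    return sorted(name for oid, name in REQUIRED.items() if oid not in found)

if __name__ == "__main__":
    print("Missing required attributes:", missing_required(SAMPLE))
```
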

Determining connection method as a new Identity Provider (IdP):

For Shibboleth/SimpleSAMLphp Identity Providers:

  1. Log in to the SIFULAN Federation registry system (the login account will be provided once the IdP becomes a SIFULAN Federation member),
  2. Wait for the Federation Administrator to approve the new organisation,
  3. Set up your Shibboleth Identity Provider here using your newly created Organisation in Identity Provider Description,
  4. Select the appropriate attributes that the Identity Provider will supply,
  5. Submit the request and wait for approval via email.

Once you receive the confirmation email, connect to the Federation Registry and become the administrator for both the Organisation and Identity Provider.
Follow the instructions given by the confirmation emails of both the Organisation and Identity Provider to complete this process.

Note: Your identity provider will become active within the SIFULAN Federation 24 hours after approval.

Local IdP configuration: 

  • Follow the configuration settings for Shibboleth IdP or SimpleSAMLphp Installation Guide for SIFULAN Federation.

Production Federation Metadata: https://sifulan.my/metadata/metadata.xml
Metadata Signing Certificate: https://sifulan.my/metadata/sifulan-signer.pem
SIFULAN Federation Discovery Service: https://sifulan.my/DS/WAYF


Service Provider Requirements:

  • Member of SIFULAN Federation

Connecting as a Service Provider (SP):

The Service Provider's metadata will need to be added to the production Federation metadata.

Adding SP metadata to the Federation metadata: 

(DO NOT use the following steps if your Service Provider is ADFS or is unable to handle multiple entities within its metadata)

  1. Log in to the SIFULAN Federation registry system (the login account will be provided once the SP becomes a SIFULAN Federation member),
  2. Wait for the Federation Administrator to approve the new organisation,
  3. Set up your Service Provider here using your newly created Organisation in Service Provider Description,
  4. Select the attributes that the SP requires and provide reasoning as to why the specific attributes are needed,
  5. Submit the request and wait for the approval email.

Once you receive the confirmation email, connect to the Federation Registry and become the administrator for both the Organisation and Service Provider.
Follow the instructions given by the confirmation emails of both the Organisation and Service Provider to complete this process.

Local Shibboleth SP configuration: 

  • Follow the configuration settings for Shibboleth or SimpleSAMLphp SP Installation Guide for SIFULAN Federation.

Production Federation Metadata: https://sifulan.my/metadata/metadata.xml
Metadata Signing Certificate: https://sifulan.my/metadata/sifulan-signer.pem
SIFULAN Federation Discovery Service: https://sifulan.my/DS/WAYF

Note: Your service provider will become active within the SIFULAN Federation 24 hours after approval.