Differences

This shows you the differences between two versions of the page.

--- en:discovery [2021/03/04 09:42] – Silke Meyer
+++ en:discovery [2024/02/13 09:21] – [WAYFless URLs] Wolfgang Pempe
@@ Line 14: / Line 14: @@
 ===== DFN's central Discovery Services =====
-We run public Discovery Services that can be used by SP operators. These Discovery Services fetch information about available IdPs from the current metadata for DFN-AAI (Advanced), DFN-AAI-Basic, DFN-AAI-Test, and eduGAIN.
+We run public Discovery Services that can be used by SP operators. These Discovery Services fetch information about available IdPs from the current metadata for DFN-AAI, DFN-AAI-Test, and eduGAIN.
   * For Shibboleth SPs, the integration is documented on the page about [[en:production#discovery_service|Production]].
@@ Line 36: / Line 36: @@
   * [[https://www.ukfederation.org.uk/library/uploads/Documents/WAYFlessGuidance.pdf|Best Practice: WAYFless Access to Resources - Configuring on a Service and Using in a Portal]] (very detailed)
-  * [[https://spaces.internet2.edu/display/inclibrary/Best+Practices|Best Practice recommendations of the US federation InCommon]]
+  * [[https://spaces.internet2.edu/display/inclibrary/Best+Practices|Best Practice recommendations of the US federation InCommon]] (Best Practice #2)
 Some SP operators have documented the generation of WAYFless URLs for their platform:
   * [[https://www.conf.dfn.de/beschreibung-des-dienstes/aai-freischaltung/|DFNconf and DFN-Webconf]] (in German)
-  * [[https://www.elsevier.com/solutions/sciencedirect/support/federated-authentication-through-saml|Elsevier for ScienceDirect]]
+  * [[https://service.elsevier.com/app/answers/detail/a_id/28537/supporthub/elsevieraccess/|Elsevier]]
-  * [[https://springeronlineservice.freshdesk.com/support/solutions/articles/6000085989-what-is-a-wayfless-url-|Springer Online]]
+  * [[https://idp.nature.com/help/sso#wayfless|Springer Nature]]
   * [[https://www.ukfederation.org.uk/content/Documents/AvailableServices|List of Service Providers in the UK federation]], also applicable for DFN-AAI as URL configuration does not depend on the federation
-==== Konfiguration am Shibboleth SP ====
+==== Configuration on a Shibboleth SP ====
-Bei einem Shibboleth SP hat ein WAYFless URL in der Regel die Form:
+On a Shibboleth SP a WAYFless URL has the format. ''<RESOURCE-LOCATION>'' is the protected URL.<code bash>https://<FQDN_SP_HOST>/Shibboleth.sso/Login?entityID=<ENTITYID_IDP>&target=<RESOURCE-LOCATION></code>
-  https://<FQDN_SP_HOST>/Shibboleth.sso/Login?entityID=<ENTITYID_IDP>&target=<RESOURCE-LOCATION>
+==== Configuration on a SimpleSAMLphp SP ====
+With SimpleSAMLphp a WAYFless URL looks like this by default. ''<AUTH_ID>'' is the name resp. the ID of the authentication source (type: ''saml:SP''), in general ''default-sp''.<code bash>https://<FQDN_SP_HOST>/simplesaml/module.php/core/as_login.php?AuthId=<AUTH_ID>&ReturnTo=<RESOURCE-LOCATION>&saml:idp=<ENTITYID_IDP></code>
-wobei ''<RESOURCE-LOCATION>'' der vom SP geschützte URL ist.
-==== Konfiguration in SimpleSAMLphp ====
-Bei simpleSAMLphp sieht ein solcher URL standardmäßig wie folgt aus:
-  https://<FQDN_SP_HOST>/simplesaml/module.php/core/as_login.php?AuthId=<AUTH_ID>&ReturnTo=<RESOURCE-LOCATION>&saml:idp=<ENTITYID_IDP>
-wobei ''<AUTH_ID>'' der Name bzw. die ID der betreffenden Authentication Source (Typ: ''saml:SP'') ist, üblicherweise ''default-sp''.
 {{tag>wayf discovery eds}}

wayf discovery eds