Discover Service - where not the national federation

classic Classic list List threaded Threaded
2 messages Options
Reply | Threaded
Open this post in threaded view
|

Discover Service - where not the national federation

Joshua Brodie
We have to set up discovery service(s), where the services do not wish to be in national federations.

There are clusters of 4 services - each with different list of allowed IdPs (also some do not wish to list on national federation).

The 4 services cannot host the EDS as hosted vendor services.

Here is what I thought in the train ride to work:

1- Installed EDS on a stand-alone node (i.e. no SP)
2- Have differing lists of IdPs based on which services redirected to it.

Does the above work? Or come any where close?

TL;DR: I require to run Discover Service outside of the national federation. Where do I get an off the shelf DS?

--
For Consortium Member technical support, see https://wiki.shibboleth.net/confluence/x/coFAAg
To unsubscribe from this list send an email to [hidden email]
Reply | Threaded
Open this post in threaded view
|

Re: Discover Service - where not the national federation

Cantor, Scott E.
On 1/27/20, 2:36 PM, "users on behalf of Joshua Brodie" <[hidden email] on behalf of [hidden email]> wrote:

> The 4 services cannot host the EDS as hosted vendor services.

It's virtually unimaginable that such a thing is likely to really be federated and needs to support more than a tiny number of IdPs, in which case a DS is merely a page of links/buttons.

> 1- Installed EDS on a stand-alone node (i.e. no SP)

The EDS depends on a JSON feed and there is nothing that produces it but one type of SP. If you want to do the work to produce the feed, it runs fine without an SP.

> 2- Have differing lists of IdPs based on which services redirected to it.

The EDS cannot do that.

> Where do I get an off the shelf DS?

seamlessaccess.org?

-- Scott


--
For Consortium Member technical support, see https://wiki.shibboleth.net/confluence/x/coFAAg
To unsubscribe from this list send an email to [hidden email]