New pages
From GFIPM Implementation Wiki
- 14:27, 19 June 2018 OIDC RP (hist) [1,624 bytes] Jeff.Krug (Talk | contribs) (Created page with "==About== This page is a brief introduction to deploying an Open ID Connect RP with mod_auth_openidc. There are many, many ways to do this as there are numerous libraries tha...")
- 19:10, 24 May 2018 NIEF Attributes within OIDC (hist) [2,974 bytes] Jeff.Krug (Talk | contribs) (Created page with "==About== This page offers a discussion on the use of NIEF Attributes within OIDC as user claims. There are many viable approaches and no formally specified methodology for d...")
- 18:38, 24 May 2018 MITREid Connect (hist) [4,887 bytes] Jeff.Krug (Talk | contribs) (Created page with "==About== This page is a brief introduction to deploying MITREid Connect with support for NIEF Attributes/Claims. ==Deploying== ===Customizing=== ==NIEF Attributes==")
- 15:14, 5 September 2017 Tomcat Startup Script (hist) [1,350 bytes] Jeff.Krug (Talk | contribs) (Created page with "<nowiki><pre> #!/bin/sh # # Tomcat Startup Script # # chkconfig: 235 90 90 # description: Loads up the Apache Tomcat Application Server # processname: tomcat # config: /opt/to...")
- 18:41, 24 August 2017 Assure-shibboleth2.xml (hist) [8,257 bytes] Jeff.Krug (Talk | contribs) (Created page with "<pre> <nowiki> <SPConfig xmlns="urn:mace:shibboleth:2.0:native:sp:config" xmlns:conf="urn:mace:shibboleth:2.0:native:sp:config" xmlns:saml="urn:oasis:names:tc:SAML:2.0...")
- 18:41, 24 August 2017 Assure-attribute-map.xml (hist) [4,945 bytes] Jeff.Krug (Talk | contribs) (Created page with "<pre> <nowiki> <Attributes xmlns="urn:mace:shibboleth:2.0:attribute-map" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"> <Attribute name="gfipm:2.0:user:LocalId"...")
- 18:39, 24 August 2017 Assure-apache24.config (hist) [1,468 bytes] Jeff.Krug (Talk | contribs) (Created page with "<nowiki> # https://wiki.shibboleth.net/confluence/display/SHIB2/NativeSPApacheConfig # RPM installations on platforms with a conf.d directory will # result in this file being...")
- 18:34, 24 August 2017 Assure Deploy (hist) [6,381 bytes] Jeff.Krug (Talk | contribs) (Created page with "== About == This page is focused on how to deploy the ASSURE Toolset to a Windows Server. == Shibboleth Service Provider == === Required Software === Download the Shibbolet...")
- 18:20, 13 December 2016 Shibboleth IDP3 Notes (hist) [1,431 bytes] Jeff.Krug (Talk | contribs) (Created page with "==About== This page is mostly just brainstorming about the use of IDP3. ==Attributes from HTTP Headers== If anyone else should want to do this, this is an example of a Script...")
- 00:14, 19 August 2015 Simple SAML PHP (hist) [12,719 bytes] Jeff.Krug (Talk | contribs) (Created page with "== About == This page enumerates some configuration methodologies for Simple SAML PHP when trying to configure for use as a GFIPM/NIEF Identity Provider. == Attributes == TBD...")
- 14:50, 16 March 2015 ADFS 3.0 Configuration Guide (hist) [606 bytes] Jeff.Krug (Talk | contribs) (Created page with "{| !class="gfipmnav"|Main Page |} ADFS 3.0 is Microsoft's current Windows Server component that enables Single Sign On. It inc...")
- 22:03, 6 August 2014 Two Factor Authentication with Shibboleth (hist) [7,253 bytes] Jeff.Krug (Talk | contribs) (Created page with "==About== One option for enabling multi-factor authentication for Shibboleth is to use the [https://wiki.shibboleth.net/confluence/display/SHIB2/Multi-Context+Broker Multi-Con...")
- 19:37, 31 March 2014 SecureAuth Implementation (hist) [737 bytes] Jeff.Krug (Talk | contribs) (Created page with "==About== SecureAuth is a Windows Server based SAML Product. They have done extensive GFIPM interoperability testing and have detailed information about configuring their produc...")
- 20:07, 14 February 2014 Editing SAML2 Metadata (hist) [3,094 bytes] Jeff.Krug (Talk | contribs) (Created page with "==About== This provides a brief overview of how to edit SAML2 Metadata. ==Editor== It is generally a very good idea to have an XML aware editor when you are editing XML. It doe...")
- 01:42, 13 February 2014 NetIQ Access Manager (hist) [5,450 bytes] Jeff.Krug (Talk | contribs) (Created page with "{| !class="gfipmnav"|Main Page |} __NOTOC__ == About == This page discusses some of the configuration issues with NetIQ Access Man...")
- 20:19, 18 November 2013 ASP.NET Shibboleth Debug (hist) [1,600 bytes] Jeff.Krug (Talk | contribs) (Created page with "[http://code.msdn.microsoft.com/ASPNET-Diagnostic-page-to-9a029c20 Microsoft's Official Page]")
- 20:19, 30 September 2013 F5 Implementation (hist) [1,940 bytes] Jeff.Krug (Talk | contribs) (Created page with "== About == This page enumerates some outstanding issues using F5 as a SAML Service Provider within NIEF. == Issues == Be aware that some of these issues may eventually be fixed...")
- 20:09, 22 May 2013 Configuring Shibboleth IDP to use SHA-256 (hist) [1,063 bytes] Jeff.Krug (Talk | contribs) (Created page with "== About == The Shibboleth IDP by default signs all SAML Assertions/Responses with SHA-1. The Federal Government has been pushing a move to the use of SHA-256 since 2010, and i...")
- 18:17, 13 September 2012 Generating Certificates with OpenSSL (hist) [5,752 bytes] Jeff.Krug (Talk | contribs) (Created page with "To generate a self-signed certificate that conforms to the NIEF Certificate Policy use the following command: $ openssl req -x509 -sha256 -nodes -days 1826 -newkey rsa:2048 -ke...")
- 20:25, 10 August 2011 Holder of Key (hist) [3,473 bytes] Jeff.Krug (Talk | contribs) (Created page with "== About == The phrase "Holder of Key" (HoK) has two meanings in the context of SAML. It is a SAML Subject Confirmation Method, and in this capacity it is supported by many SAM...")
- 19:02, 11 July 2011 Configuring Multiple Login Handlers (hist) [2,403 bytes] Jeff.Krug (Talk | contribs) (Created page with "{| !class="gfipmnav"|Main Page |} Some Identity Providers may support multiple login methods (Username/Password and Certificates)....")
- 17:47, 31 May 2011 Shibboleth Known Issues (hist) [322 bytes] Lee.Dellenbaugh (Talk | contribs) (Created page with "{| !class="gfipmnav"|Go back |} == Known Issues == The Shibboleth SP is typically installed on the Tomcat application server [Tomcat], which may b...")
- 17:45, 31 May 2011 Shibboleth Service Provider Installation (hist) [4,840 bytes] Lee.Dellenbaugh (Talk | contribs) (Created page with "{| !class="gfipmnav"|Go back |} == Service Provider Installation == The Shibboleth Service Provider (SP) is a stand-alone daemon running as a back...")
- 17:42, 31 May 2011 Shibboleth Identity Provider Installation (hist) [6,260 bytes] Lee.Dellenbaugh (Talk | contribs) (Created page with "{| !class="gfipmnav"|Go back |} == Identity Provider Installation == The Shibboleth Identity Provider (IDP) is a standard Java Web application bas...")
- 17:26, 31 May 2011 Shibboleth Hardware Recommendations (hist) [2,561 bytes] Lee.Dellenbaugh (Talk | contribs) (Created page with "== Hardware Recommendations == This section describes the basic hardware, operating system, Web server, and network requirements for participants who choose to use Shibboleth in ...")
- 18:45, 27 May 2011 Useful GFIPM Reference Federation Information (hist) [3,560 bytes] Lee.Dellenbaugh (Talk | contribs) (Created page with "= Useful GFIPM Reference Federation Information = The GFIPM Reference Federation contains useful test documentation as well as reference SPs and IDPs, the Discovery Service, and...")
- 17:02, 27 May 2011 Reference IDP Discovery Service (hist) [888 bytes] Lee.Dellenbaugh (Talk | contribs) (Created page with "= Reference IDP Discovery Service (DS) = The final reference component in the GFIPM Reference Federation is the IDP Discovery Service (DS). The DS allows a convenient means for ...")
- 16:32, 27 May 2011 Reference Service Provider (hist) [2,347 bytes] Lee.Dellenbaugh (Talk | contribs) (Created page with "{| !class="gfipmnav"|Go back |} = Reference Service Provider (SP) = In addition to deploying reference IDPs, GTRI has also deployed two reference...")
- 16:13, 27 May 2011 Reference Identity Provider (hist) [2,641 bytes] Lee.Dellenbaugh (Talk | contribs) (Created page with "{| !class="gfipmnav"|Go back |} = Reference Identity Provider (IDP) = GTRI deployed two reference IDPs in the pilot federation. Both IDPs are ba...")
- 17:44, 24 May 2011 Profiles and Techniques for Existing Resources (hist) [2,850 bytes] Lee.Dellenbaugh (Talk | contribs) (Created page with "{| style="background-color:#CCCCCC" cellspacing="0" | Go back |} = Profiles and Techniques for Existing Resources = To provide a more concrete...")
- 17:38, 24 May 2011 Resource Integration Techniques (hist) [5,548 bytes] Lee.Dellenbaugh (Talk | contribs) (Created page with "{| style="background-color:#CCCCCC" cellspacing="0" | Go back |} = Resource Integration Techniques = The following resource integration profi...")
- 17:21, 24 May 2011 Resource Integration Profiles (hist) [2,970 bytes] Lee.Dellenbaugh (Talk | contribs) (Created page with " = Resource Integration Profiles = The following resource integration profiles are based on common categories of resources and applications. Their purpose is to help resource ow...")
- 15:03, 23 May 2011 Oracle Identity Federation SP (hist) [561 bytes] Lee.Dellenbaugh (Talk | contribs) (Created page with " == Oracle Identity Federation SP == Identity Federation is a commercial product marketed by Oracle ([http://www.oracle.com/ www.oracle.com]). It is part of the Oracle Identity ...")
- 15:01, 23 May 2011 Sun OpenSSO SP (hist) [1,151 bytes] Lee.Dellenbaugh (Talk | contribs) (Created page with "== Sun OpenSSO SP == The Sun Open Web SSO project (OpenSSO, https://opensso.dev.java.net/) provides core identity services to simplify the implementation of transparent single s...")
- 14:59, 23 May 2011 CA Federation Manager SP (hist) [759 bytes] Lee.Dellenbaugh (Talk | contribs) (Created page with "{| style="background-color:#CCCCCC" cellspacing="0" | Go Back |} == CA Federation Manager SP == Federation Manager is a commercial product marketed by...")
- 14:56, 23 May 2011 Ping Identify PingFederate SP (hist) [437 bytes] Lee.Dellenbaugh (Talk | contribs) (Created page with " PingFederate is a commercial product marketed by Ping Identity ([http://www.pingidentity.com/ www.pingidentity.com]). It supports Internet Single Sign-On, Internet User Account ...")
- 15:49, 22 May 2011 Shibboleth SP (hist) [1,203 bytes] Lee.Dellenbaugh (Talk | contribs) (Created page with " Shibboleth is a standards-based, open-source software package for Web single sign-on across or within organizational boundaries. It allows sites to make informed authorization ...")
- 16:41, 18 May 2011 Fill Out a Local Access Policy Mapping Form (hist) [4,430 bytes] Lee.Dellenbaugh (Talk | contribs) (Created page with "== Fill Out Local Access Policy Mapping Form == This section will help you fill out a Local Access Policy Mapping Form to translate your plain-English access policies into Boole...") originally created as "Fill Out Local Access Policy Mapping Form"
- 16:36, 18 May 2011 Develop Access Control Rules (hist) [1,437 bytes] Lee.Dellenbaugh (Talk | contribs) (Created page with " Develop Access Control Rules This section uses the business rules from the previous section to guide you through the process of codifying the rules in terms of the GFIPM user...")
- 18:36, 16 May 2011 How to Develop a GFIPM Information Sharing Plan for a Service Provider (hist) [1,274 bytes] Lee.Dellenbaugh (Talk | contribs) (Created page with " # Identify Local Resources # Determine Business Rules for Resources") originally created as "Develop an Information Sharing Plan"
- 17:50, 16 May 2011 Determine Business Rules for Resources (hist) [1,140 bytes] Lee.Dellenbaugh (Talk | contribs) (Created page with "== Determine Business Rules for Resources ==")
- 17:42, 16 May 2011 Identify Local Resources (hist) [2,131 bytes] Lee.Dellenbaugh (Talk | contribs) (Created page with "{| style="background-color:#CCCCCC" cellspacing="0" | Procedure Introduction | align="center" width="20px" | <nowiki>|</nowiki> | [[Submit...")
- 20:00, 9 May 2011 Oracle Implementation (hist) [1,212 bytes] Matt.Moyer (Talk | contribs) (Created page with "This page contains documentation describing the setup of a GFIPM IDP using the Oracle Identity Federation (OIF) product and setup of a GFIPM SP with the Oracle Entitlement Server...")
- 18:33, 6 April 2011 Trust Fabric Conformance Tests (hist) [2,624 bytes] Jeff.Krug (Talk | contribs) (Created page with "GFIPM has numerous requirements associated with how members use [http://docs.oasis-open.org/security/saml/v2.0/saml-metadata-2.0-os.pdf SAML 2 Metadata] documented in both the [h...")
- 18:35, 1 March 2011 Attribute Data Store (hist) [1,255 bytes] Lee.Dellenbaugh (Talk | contribs) (Created page with "{| style="background-color:#CCCCCC" cellspacing="0" | Go Back |} The attribute data store integrates with the IDP core software module via an attrib...")
- 18:34, 1 March 2011 Web Single Sign-On System (hist) [588 bytes] Lee.Dellenbaugh (Talk | contribs) (Created page with "{| style="background-color:#CCCCCC" cellspacing="0" | Go Back |} The Web single sign-on (SSO) system integrates with the IDP core software module vi...")
- 18:32, 1 March 2011 IDP Integration Points (hist) [1,246 bytes] Lee.Dellenbaugh (Talk | contribs) (Created page with "{| style="background-color:#CCCCCC" cellspacing="0" | Go Back |} Implementing an IDP in a federation requires that two integration issues be address...")
- 18:30, 1 March 2011 Web Servlet Container (hist) [1,013 bytes] Lee.Dellenbaugh (Talk | contribs) (Created page with "{| style="background-color:#CCCCCC" cellspacing="0" | Go Back |} A Web servlet container is often required on a GFIPM IDP to run the IDP core softwa...")
- 18:28, 1 March 2011 IDP Core Software Module (hist) [1,286 bytes] Lee.Dellenbaugh (Talk | contribs) (Created page with " The IDP software module, depicted by the blue box ("Shibboleth IDP Middleware") in the above diagram, consists of a set of interfaces, called integration points, which must be ...")
- 18:09, 1 March 2011 IDP Components (hist) [629 bytes] Lee.Dellenbaugh (Talk | contribs) (Created page with "== IDP Components == An IDP consists of several logical components. Using a Shibboleth IDP as an example, the IDP components are illustrated in the following diagram and discuss...")