Useful GFIPM Reference Federation Information

The GFIPM Reference Federation contains useful test documentation as well as reference SPs and IDPs, the Discovery Service, and the signed federation trust fabric document. These items are summarized below with their respective URLs.

• GFIPM Reference Federation Home: http://ref.gfipm.net/
  This Web site offers an introduction to current members and prospective members of a GFIPM federation for the purpose of getting started using the GFIPM Reference Federation. The GFIPM Reference Federation is a public federation that agencies interested in GFIPM are invited to join to learn more about operating within a federation. Topics covered on this Web site include the following:
  • Overview and purpose
  • Information for participating
  • Members and their reference resources
  • Downloads page
  • FAQ
  • How to get more help
• Reference Federation Downloads
• Reference Federation FAQ - A bit centric to Shibboleth deployments.
• Reference SP: https://rhelsp.ref.gfipm.netThis test Service Provider contains one Shibboleth Protected Resource, which acts as a protected resource that requires authentication at a GFIPM Reference Federation IDP. When you try to use the resource, you will be redirected to the GFIPM Reference Federation's Directory Service.
• Reference IDP: https://rhelidp.ref.gfipm.netThis test Identity Provider contains multiple test GFIPM user attribute sets for use by federation members in SAML assertions for testing. These attribute sets are suitable for testing a new Service Provider in the GFIPM Reference Federation. The attribute sets represent identities with a wide variety of authentication and privilege information. There are also multiple similar user attribute sets that vary only slightly among themselves so that testers can observe small privilege changes on their SPs.Important: Because these user attribute sets do not represent real people, they must not be used to access live data.
• GFIPM Reference Federation IDP Discovery Service (DS): http://ref.gfipm.net/ds/The DS is a service that performs the task of discovering the user's IDP and providing that information to the SP so that the SP knows which IDP to use in the subsequent SSO process.
• Federation Trust Fabric File: http://ref.gfipm.net/gfipm-signed-ref-metadata.xml A document signed by the Federation Manager Organization, containing trusted information about each IDP and SP in the federation. It includes X.509 certificate data for each software entity, as well as a GFIPM Entity Assertion providing various informational attributes about each entity. This GFIPM Trust Fabric is the cryptographic trust anchor for all federation transactions. Before any new SP or IDP can join the GFIPM Reference Federation, the federation manager must first enter it into this file. All operational SPs and IDPs must download and use this file. In addition, the providers must periodically check for new versions and download them (new versions are typically announced to the participant administrators by e-mail).
• CISA Reference SP: https://cisasp.swbs.gtri.gatech.eduThis is a complete test version of the CISAnet production SP with test resources and access control rules suitable for testing IDPs and test user identities.