October 20th, Vienna

Federation LabIdentity Federations + eduGAIN

Federation Lab

✤ Test SAML2int Compliance useful for eduGAIN.

✤ Validate metadata – metadata is very important to eduGAIN.

✤ Test eduGAIN attributes

✤ The eduGAIN test federation

✤ Does it exists? Can it be combined with FedLab test fed?

✤ SAML tracer

✤ Web-based debugger

Testing SAML Service Providers

✤ Already working at fed-lab.org

✤ We need to improve the user experience.

✤ Difficult to trace connectivity problems now.

✤ New UI framework is in progress

✤ Common API allows testing of Oauth, SAML and OpenID Connect

✤ Plans for more advanced features: like test result change notifications, machine APIs for test infrastructures etc.

Testing SAML Service Providers

Testing Identity Providers

✤ A bit more complex

✤ Needs to traverse login screens

✤ I hope we will have to include this in the Fed Lab suite

SAML Tracer

✤ Firefox plugin

SAML Tracer

Web-based debugger

Metadata Validation

✤ Ad-hoc validation of metadata for one entity

✤ Used for debugging purposes for administrators that would quality control metadata before exporting to eduGAIN.

✤ Continuous monitoring of the MDS feed for exceptions from the policy.

✤ May be including alerts/notifications or API against monitoring systems support notifications.

Metadata validation»SAMLmetaJS

✤ Javascript editor for metadata

✤ Built-in validation supported (just started)

✤ Used by the PEER project

✤ What about preparing a validation profile customized for eduGAIN metadata profile?

Metadata validation»SAMLmetaJS

Metadata monitoring

✤ Demo generated PDF document

✤ Based upon MDS

✤ as of June 20th 2011

✤ Tons of errors :)

More tools?

✤ Any requests or requirements from eduGAIN?