The Shibboleth Service Provider has good documentation, and so this is not a complete/worked example of how to configure it. Instead, this provides the SAFIRE-specific snippets you may need when working through that documentation. Installing Shibboleth Service Provider Note that some package repositories ship out-of-date and vulnerable versions of the Shibboleth SP. However, the Swiss federation operator (SWITCHaai) maintains up-to-date packages for Debian and Ubuntu. Choose an entityID Perhaps the single most important thing you can do is choose an entityID, which you’ll find in the stanza in shibboleth2.…

These instructions are based on the Shibboleth documentation and have not been extensively tested. If you use Shibboleth IdPv4, please feel free to submit revisions if necessary. The Shibboleth Identity Provider has good documentation, and so this is not a complete/worked example of how to configure it. Instead this provides the SAFIRE-specific snippets you may need when working through that documentation. Configuring a metadata provider to fetch SAFIRE metadata The Shibboleth Identity Provider provides a FileBackedHTTPMetadataProvider that allows you to periodically fetch metadata.…