This appendix is designed to assist system admins installing Single-Sign-Out (SSO) for Shrine (using Shibboleth).

Developer tools

A Decent Book on SAML

Stefan Rasmusson: "SAML 2.0; Designing Secure Identity Federation"

...

IdP (Identity Provider): A web-based system that can authenticate a user on behalf of another system called a SP (for Service Provider).

...

<md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://shrine-sso-node01.catalyst.harvard.edu/Shibboleth.sso/SAML2/POST" index="1"/>
</md:SPSSODescriptor>
</md:EntityDescriptor>

...