Shibboleth at NC State » Changes and Announcements » Nov 30, 2015 - Added Host

Nov 30, 2015 - Added Host


We are currently running as a monolithic web host. It runs both of our different Identity Providers, provides a discovery service, provides our federation metadata repository, and hosts our documentation. As we look forward to deploying IdP v3 sometime in early 2016, it has become clear that we need to break up this monolith into separate servers. The first part of this split is to redeploy our web content to another host, where it can run independently from the two IdP services.

What will be changing

Info for Shibboleth Users

You should not notice any differences in our services following these changes.

Info for SP Owners

If you are running a Service Provider on one of your own servers, you will need to consider these updates:

Info for IdP Owners

This probably only applies to the Library: If you are running your own IdP service in the NCSU Federation, you will need to update your IdP configuration to use the new metadata URLs. Here's an example of how we will be updating our IdPs:

    cd $IDP_HOME/conf
    vi relying-party.xml
        # Make the same changes as for the SP:
        # Find and change the MetadataProvider metadataURL
        # DO NOT CHANGE the federation entityID
    # restart your IdP servers by your normal process

IdP v3 and the Future

IdP version 2 has reached end-of-life, and will start to lose support on Dec 31, 2015. InCommon wants to expand their federation services on Feb 15, 2016. They recommend that all IdPs be running v3 by that date if possible. The hard end-of-support date for IdP v2 is July 31, 2016. We must be finished with our upgrades by then.

We are completely re-architecting our Shibboleth IdP services to support IdP version 3.x. We are trying to make minimal URL changes to our services, but not everything will be possible under the new design. Some additional changes that will be coming up include: