The test environment is set up with several Docker containers with a reverse proxy in front of them, all hosted on a single virtual machine (VM).
The main domain is maiv1.incubator.geant.org, supplemented by the registered wildcard domain *.maiv1.incubator.geant.org, allowing for an unlimited number of subdomain virtual hosts.
Virtual host certificates are obtained using acme.sh, available at https://github.com/acmesh-official/acme.sh
The Git repository for the entire setup is internally available here (expect significant changes during Incubator activity): https://gitlab.software.geant.org/TI_Incubator/saml-signature-validation-test-env
Test IdP
The test IdP is a SimpleSAMLphp v2.1 instance with a configured IdP and installed 'conformance' module (authentication processing filter) that can modify SAML Responses sent to the trusted SPs, with pre-configured trust for several test SPs.
...
- testId
- valid values: standardResponse|noSignature|invalidSignature
- example: noSignature
- spEntityId
- valid values: any trusted SP Entity ID
- example: urn:x-simplesamlphp:geant:incubator:simplesamlphp-sp:good-sp
For example, to specify that the next test for the SP 'urn:x-simplesamlphp:geant:incubator:simplesamlphp-sp:good-sp' should be the one that doesn't sign the SAML Response:
...
SimpleSAMLphp v2.1 instance with configured SPs listed below. It features a code modification to skip signature checks for 'bad' SPs, for simulation purposes.
Admin dashboard: https://simplesamlphp-sp.maiv1.incubator.geant.org/simplesaml/module.php/admin/
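The signature check that the 'bad' SPs skip begins with confirming that a signature actually covers the Response or the Assertion, which is what the noSignature test exercises. The following is an added illustration in Python, not code from this test environment or from SimpleSAMLphp; the function names and sample messages are constructed for the example. It assumes unencrypted assertions and performs no cryptographic verification, so it cannot catch the invalidSignature case.

```python
import xml.etree.ElementTree as ET

NS = {
    "samlp": "urn:oasis:names:tc:SAML:2.0:protocol",
    "saml": "urn:oasis:names:tc:SAML:2.0:assertion",
    "ds": "http://www.w3.org/2000/09/xmldsig#",
}

def signed_by_own_signature(elem):
    """True if elem has a direct-child ds:Signature whose single Reference is '#<elem ID>'."""
    sig = elem.find("ds:Signature", NS)
    if sig is None or not elem.get("ID"):
        return False
    refs = sig.findall("ds:SignedInfo/ds:Reference", NS)
    return len(refs) == 1 and refs[0].get("URI") == "#" + elem.get("ID")

def structural_precheck(response_xml):
    """Return (ok, reason). Structure only: the signature value is NOT verified here."""
    # A real SP should parse untrusted XML with a hardened parser (e.g. defusedxml).
    root = ET.fromstring(response_xml)
    if root.tag != "{%s}Response" % NS["samlp"]:
        return False, "not a samlp:Response"
    assertions = root.findall("saml:Assertion", NS)
    if len(assertions) != 1:
        return False, "expected exactly one Assertion"
    if signed_by_own_signature(root) or signed_by_own_signature(assertions[0]):
        return True, "signature present; verify it cryptographically next"
    return False, "no signature covers the Response or the Assertion"

def sample(sign_response=False, sign_assertion=False, ref=None):
    """Constructed sample Response; the signature value is a placeholder, not real crypto."""
    def sig(target_id):
        return ('<ds:Signature xmlns:ds="%s"><ds:SignedInfo><ds:Reference URI="#%s"/>'
                '</ds:SignedInfo><ds:SignatureValue>PLACEHOLDER</ds:SignatureValue>'
                '</ds:Signature>' % (NS["ds"], target_id))
    return ('<samlp:Response xmlns:samlp="%s" xmlns:saml="%s" ID="_r1">%s'
            '<saml:Assertion ID="_a1">%s<saml:Subject/></saml:Assertion></samlp:Response>'
            % (NS["samlp"], NS["saml"],
               sig(ref or "_r1") if sign_response else "",
               sig(ref or "_a1") if sign_assertion else ""))
```

A signature whose Reference points at some other element ID is treated the same as a missing one, since it does not cover the message the SP is about to trust.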
...