Participants

Name	Organisation
Hannah Short	CERN

Name	Organisation	Role
Alan	GÉANT	Core team member
Andrej	KU	Core team member
Martin	SURF	Core team member
Uros	KIT	Core team member

Name	Organisation	Role
Hannah Short	CERN	REFEDS Representative
Nicole Harris	GÉANT	Head of T&I Operations
Alex Stuart	JISC	Community Representative

Activity overview

This activity seeks to provide an easy-to-use, user-configurable test Identity Provider.

The aim of this activity is design and implement a fully functional SAML IdP that can be used to perform individual integration test by community members.

Activity Details

This activity creates a freely available, realistic test IdP for the GÉANT community. Based on the needs of the GÉANT community, the solution may offer SAML, OIDC and supports all the latest best practices.

In the past, there were similar offers like UnitedID or samltest.id. However, the UnitedID solution does no longer exist and samltest does not support required features like the release of R&S.

To achieve this task, the Incubator has to define the use cases which are needed by the community. The requirements and use cases for such a service will be defined in collaboration with a group of community representatives. Potential features of such a tool are:

Test for a specific set of attributes
Create an account to save a test profile
An open (REST) API to configure the IdP using a (web) client

There are different potential business cases for deployment: as part of the eduGAIN support tools, by GÉANT operations or NREN hosted.

Operators need a reliable way to test their providers. This enables the early detection of errors in the configuration and increases the quality of the entities in eduGAIN in the long term.

It yields some difficulties to ensure the sustainability of such a service

The activity itself does not handle any sensitive data
The service is supposed to be used only for testing using test data
The design of any centrally must consider security and privacy principles

Community requirements and use cases are documented
A solution is designed, implemented and tested
A test deployment is made available and tested by some operators
A sustainability model is defined
The software and supporting resources are provided to the future maintainer

Design, source code and documentation is published publicly
A responsible party to host and manage the service will be defined

Activity Results

Test IdP based on SimpleSAMLphp software including the following test categories:
- R&S Entity category tests
- Behavioural tests
- Generic attribute profile tests
- Refeds Assurance Framework tests
- Error scenario tests
- Experimental profile tests
Test IdP proposed Architecture
Deployment as module for SimpleSAMLphp (available via GÉANT Gitlab): https://gitlab.geant.org/TI_Incubator/test_idp
Test IdP Service User Guide
Demo movie
Test IdP and eduGAIN: Feedback indicated Test IdP should not be part of eduGAIN. Any decision left for eduGAIN steering committee

Meetings

Date	Activity	Owner
01.06.21	Public demo	Niels van Dijk
21.09.21	Final demo	Niels van Dijk

Participants

Activity overview

Activity Details

Activity Results

Meetings

Documents