...
https://auth.yale.edu/idp/profile/SAML2/POST/SSO
There There is an alternate mechanism in the SAML standard where the application redirects the browser to Shibboleth with the request encoded as a parameter on an GET request, but because the Web standards limit the maximum legal size of a GET URL, this is a dangerous technique and the POST is universally preferred.
...
SAML has a standard configuration file format with all the data for an Identity Provider (Shibboleth) and all the data for a Relying Party. SAML calls this Metadata. Technically an RP only needs the Shibboleth URL and Certificate, and sometimes you just past these two pieces of data into two fields of some configuration form. But sometime the RP will prefer to consume the entire Metadata file and pull these two pieces of information out of it. If you need Metadata, you can get it from the following locations:
Prod Metadata
Test Metadata
Dev Metadata
Production - https://auth.yale.edu/idp/shibboleth
Test - https://auth-test.yale.edu/idp/shibboleth
What Yale Shibboleth Needs to Know
...
Typically the Metadata file will contain a list of the required attributes. For example:
| Code Block |
|---|
<md:AttributeConsumingService index="1"
isDefault="true">
<md:ServiceName xml:lang="en">Mediasite</md:ServiceName>
<md:RequestedAttribute isRequired="true"
Name="urn:mace:dir:attribute-def:eduPersonEntitlement" />
</md:AttributeConsumingService>
|
...