README.markdown in shibboleths_lil_helper-1.0.5 vs README.markdown in shibboleths_lil_helper-1.0.6

- old
+ new

@@ -9,14 +9,21 @@ * __Verifying metadata consistency__ across sites & hosts associated with particular Shibboletht SP entity_id. * __Dividing high level auth specs from actual NativeSp configuration__ * Programmers can focus on high level goals like "protect files underneath the '/secure' directory on 'somewebsite.com'" rather than grappeling with the bewildering complexity of the NativeSp's interrelated XML files, the Shibboleth protocal, SAML, etc. -__This code is under active development as of 11/12/2011__. -Please watch this Github repo or periodically check CHANGLOG.markdown to stay to up-to-date. +Staying up-to-date +------------------ +__This code is under active development__. -Use `gem update shibboleths_lil_helper` to get the most current version. +* Create a Github issue to report problems you might be having with the + tool. +* See CHANGLOG.markdown for the changes associated with each gem release +* See TODOS.markdown for changes that we're thinking about + incorporating. Send me (Joe) a message on Github (joegoggins) or email + if you have other things you are thinking of. +* Use `gem update shibboleths_lil_helper` to get the most current version. Why another tool? ----------------- We needed something that could help manage shibboleth SP configuration consistently with minimal manual work for: @@ -25,10 +32,18 @@ * each running iis6, iis7, or Apache 2.2 * each hosting many vhosts (aka sites) * each running PHP, Rails 2 + 3, classic ASP, or .NET * each running the Apache/IIS Native Service Provider +Assumptions +----------- +* __shibboleth-2.4.3 is installed on your target hosts__. Versions greater than this should + work too, but have not been tested. +* Each host integrates with a single Identity Provider, not multiple. +* (for Apache) The Shibboleth apache module is loaded globally for all + vHosts. (This doesn't mean that it requires auth globally--just available). + Installation ------------ * Pre-requisites * Ruby: http://www.ruby-lang.org/en/downloads/ * Rubygems: http://rubygems.org/pages/download @@ -84,18 +99,10 @@ * What is the Service Provider entity ID you'd like to use? A simple convention is to have a dev entity for "development" or "staging" apps and one for production stuff. You might consider https://YOUR_ORG.umn.edu/shibboleth/dev_default or https://YOUR_ORG.umn.edu/shibboleth/prod_default -Assumptions ------------ -* Each host integrates with a single Identity Provider, not multiple. -* (for Apache) The Shibboleth apache module is loaded globally for all - vHosts. (This doesn't mean that it requires auth globally--just available). -* shibboleth-2.4.3 is installed on your target hosts. Versions greater than this should - work too, but have not been tested. - Concept ------- All configuration and authentication specs for all Shibboleth SP instances are specified in a single ruby parseable `shibboleths_lil_helper/config.rb` file. From these specs, slh is capable of generating all of the required XML files you will need to integrate with a Shibboleth Identify Provider (Idp). The following breaks down the essential steps. @@ -225,8 +232,8 @@ * David Peterson, Office of Institutional Research * Debbie Gillespie, Computer Science and Engineering * Eva Young, Office of Institional Compliance * Josh Buysse, CLA Office of Information Technology * Aaron Zirbes, Environmental Health Sciences - +* Rex Wheeler, University of Minnesota Extension Copyright (c) Regents of the University of Minnesota