You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
SAML will be required for authentication for the iDC project. For each project domain we will have to generate 1 or more public/private keypairs and coordinate with IT@JH on establishing a trust in the Identity Provider (idP).
This is, also, dependent on HTTPS and DNS being completed.
Tasks
Determine the SAML attributes needed by the application
Determine if we will be running one Service Provider (SP) per project domain or many, one for each environment
For each service provider, we will need to generate a public/private key pair and the associated metadata
Send each public key and metadata file, along with the required attributes to IT@JH to be configured in the idP
Configure each SP with IT@JH provided data (link to metadata, idP hostname, etc)
Configure the required attributes in each SP
Configure each reverse proxy to talk to each SP and configure the protected locations
Risks
Dependent on IT@JH for idP configuration. If they are unwilling or unable to fulfill their end of the process, we are blocked
One single SP is a single source of failure for all environments
Multiple SP instances require that much more maintenance and public/private key pairs
Operations will need to perform this configuration
SAML certificates are 10 years by default
Assumptions
DNS tasks have been completed
HTTPS tasks have been completed
We have determined the number of SPs to run per project domain
We have determined the attributes required by the application
The text was updated successfully, but these errors were encountered:
LEAN Estimate: 3 days, 2x multiplier
SAML will be required for authentication for the iDC project. For each project domain we will have to generate 1 or more public/private keypairs and coordinate with IT@JH on establishing a trust in the Identity Provider (idP).
This is, also, dependent on HTTPS and DNS being completed.
Tasks
Risks
Assumptions
The text was updated successfully, but these errors were encountered: