Once the IdP has been tested you need to complete the install. Below are some of the tasks you should consider. You should consult IdPConfiguration for further details.
A suitable certificate should be installed to protect the browser facing port.
Adding other attributes
You can modify the attributes which are released as per IdPAddAttribute.
Configure your IdP to work with a new federation.
As installed the IdP can be tested against the Testshib SP. In order to run against another federation you need to edit relying-party.xml to
- Remove the references to Testshib
- Add a reference to your Federation's metadata
- Add a reference to the key your Federation operator uses to sign the metadata
There is a program shipped with the installer to automate this operation. Configuration details for the UK Federation and InCommon are available, others may be available from your Federation operator.
To convert an existing installation to run with (for instance) the UK Federation
- Stop tomcat
- Run the setFed program in a Windows command box with a suitable configuration file
Recreating the WAR file
If you change the JavaServer Pages (JSP) files, or need to regenerate the WAR file for any other reason, it suffices to open a command prompt and from within it cd into the Shib2IdpInstall subdirectory of the installation directory and type 'install'.
Installing new versions of the component software (Tomcat and the IdP)
This should be done as per the instructions supplied with the new components.