在shibboleth中选择哪个entityId配置服务提供商(SP)? [英] What entityId to choose to configure Service Provider (SP) in shibboleth?
问题描述
根据 Shibboleth Wiki实体命名,我们不应使用真实主机实体ID,我很困惑该使用什么.实体ID是否有意义,或者我可以选择任何东西?
According to Shibboleth wiki entity naming we should not use real host to the entity id, I am confused what to use. Is there any significance of entity id, or I can choose whatever?
如果在配置后对其进行编辑该怎么办.
What if I edit it after configured.
我需要sso的Web路径是http://exp.uni.edu(这将从http://uni.edu获取身份验证数据),并且SP可以放置在http://exp.uni.edu path.
my web path that will required sso is http://exp.uni.edu(this will get auth data from http://uni.edu) and the SP can be placed at http://exp.uni.edu path.
推荐答案
您应将URI用于服务提供者,而不必使用物理主机的名称.因此,如果您的网站是"exp.uni.edu",但托管在网络服务器panther-web-07.uni.edu上,则可以使用" https://engineering.uni.edu/shibboleth-sp ".并不一定需要EntityID解析,但是它应该使用您的组织拥有/控制的名称空间,并且有朝一日可以解析.
You should use the URI for the service provider, not necessarily the name of the physical host . So, if your site is "exp.uni.edu", but hosted on the webserver panther-web-07.uni.edu, you'd be safe using something like "https://exp.uni.edu/shibboleth-sp" for your SP entityID. If this SP is running on the webserver for the engineering school at UNI, you could also use something like "https://engineering.uni.edu/shibboleth-sp". It is not required that the entityID resolve, but it should use a namespace your organization owns/controls, and may resolve someday.
您的entityID不必与应用程序的DNS名称相同,因为单个服务提供商可以使用在同一Web服务器上运行的不同DNS名称来保护多个应用程序.
Your entityID doesn't necessarily need to be the same as your application's DNS name, since a single Service Provider can protect multiple applications with distinct DNS names running on the same webserver.
您不希望将panther-web-07.uni.edu Web服务器主机名用作您的entityID,因为尽管托管了"exp.uni.edu"站点的服务器名称,但URI用于希望"exp.uni.edu"在服务的整个生命周期内都是静态的.
You wouldn't want to use the panther-web-07.uni.edu webserver hostname for your entityID, because while the name of the server on which the "exp.uni.edu" site is hosted, the URI for the "exp.uni.edu" hopefully will be static throughout the lifetime of the service.
这篇关于在shibboleth中选择哪个entityId配置服务提供商(SP)?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
