After installing the Shibboleth (SP or IDP) software and joining TestShib, some minor configuration tweaks are necessary to use TestShib. Instructions are product-specific. The TestShib providers' metadata is available to all, but if you're using Shibboleth, here are the specific changes you should make.

Post install IdP Config

To work with TestShib, you'll need to make a couple minor modifications to your configuration. We only really need to change the metadata-providers.xml file, located at /opt/shibboleth-idp/conf/metadata-providers.xml.

We will be creating a new HTTP <MetadataProvider> based on the provided HTTPMetadata example. The new <MetadataProvider> can be created by copying the first 4 lines of the example and changing the backingFile value to something like "%{idp.home}/metadata/testshib.xml" and the metadataURL value to "". Ensure that you end the XML tag properly with />.

Your new <MetadataProvider> should look like the following:

<MetadataProvider id="HTTPMetadataTESTSHIB"

That's all. Restart the JVM container, and it's time to test it out.

The default configuration will send an anonymous name and no attributes. We'll change that later.

Post install SP Config

A sample shibboleth2.xml configuration file for an SP to use to test with TestShib will replace the default configuration. Back up the existing configuration file and let's begin.

Generate and save the right shibboleth2.xml for your installation:


Hostname for your provider:

Overwrite the old shibboleth2.xml by placing this file into the default configuration directory.

Good job. Restart your web server and shibd. It's time to test it out.