A little planning goes a long way...
If you are installing SP software for use with MyAccess, please read the entire MyAccess Integration ToolKit articles first. It contains important tips and checklists designed to help make your integration as painless as possible.
Installing and Configuring Service Provider (SP) Software
The below page lists SAML Service Provider software packages that are compatible with MyAccess. The information in this section is a reference for setting up SP software, but it is not authoritative. For the Shibboleth SP package, the most complete documentation is on the Internet2 Shibboleth wiki site:
A Shibboleth SP workshop PowerPoint presentation can be downloaded here..
For most applications, we recommend using the Shibboleth SP (Service Provider) software. If you're not sure which SAML SP software to pick, try Shibboleth first.
The Shibboleth SP software runs on Apache or IIS on Windows, and on Apache on most UNIX-type operating systems. Please see the links below for detailed instructions on a particular platform.
- General Shibboleth SP Setup
- RedHat Linux/CentOS Setup
- Windows and IIS Setup
- Ubuntu/Debian Linux Setup
- openSUSE Linux Setup
- FreeBSD Setup
- Linux/UNIX Compile and Setup
- Configure Shibboleth SP to Request Duo MFA (currently for MyAccess Stage only)
If you run into trouble, try our Shibboleth SP Troubleshooting guide.
simpleSAMLphp is a SAML Service Provider written in PHP. It will work on any web server that renders PHP. Several popular applications support simpleSAMLphp, including Mahara, which powers the School Of Medicine's UCSF Portfolio site.
- simpleSAMLphp Service Provider
- Configure simpleSAMLphp to Request Duo MFA (currently for MyAccess Stage only)
As SAML becomes more popular, commercial vendors are adding support for the protocol directly to their applications. Before you attempt to install SP software, check to see if your application supports SAML2 out of the box.
Integrating with Applications
Here are instructions for integrating with a few popular applications:
Finding Additional Installation Help
Feel free to contact the Identity and Access Management team with any questions at firstname.lastname@example.org.
In addition, we encourage everyone installing the Shibboleth software to join Internet2's Shibboleth User Discussion List. The shib-user list is the primary technical support resource for Shibboleth.