A simple Perl test script is available from IDS (see below for download link). All centres are required to provide a test URI and make this (or a similar script) avilable and add the URIs the above list.
You can test this script by logging in to CLARIN SPF Interoperability Test Page
To setup perform the following steps:
- Create a directory, e.g. named ‘secure’ in your webroot
- Copy the script to this directory
- Add the following snippet to your apache configuration
# NOTE: the location needs to match the directory name!
<Location /secure>
AuthType shibboleth
ShibRequestSetting requireSession 1
ShibRequestSetting exportAssertion 1
require shibboleth
Options +ExecCGI
AddHandler cgi-script .pl
DirectoryIndex shib_test.pl
# Examples for customizing script
# SetEnv SHIBTEST_ATTRIBUTES_REQUIRED "eduPersonPrincipalName:eppn eduPersonTargetedID:persistent_id"
# SetEnv SHIBTEST_ATTRIBUTES_OPTIONAL "eduPersonScopedAffiliation:affiliation:eduPersonAffiliation cn displayName"
# Uncomment the following, if you want to enable support for lazy session instantiation
# SetENV SHIBTEST_LAZY true
# These are usually guessed correctly by the script, but adjust to you local URIs for lazy session instantiation
# SetEnv SHIBTEST_LOGIN_URI "https://sp.example.org/Shibboleth.sso/Login"
# SetEnv SHIBTEST_LOGOUT_URI "https://sp.example.org/Shibboleth.sso/Logout"
</Location>
You can use SetEnv directives to customize the behavior of script. E.g., you can define aliases for an attribute by seperating them with a colon.
Download: shib_test.pl
If you want a dump of the raw SAML assertions, you need to install XML::Twig and configure the SP to export the assertions (see Shibboleth docs[1])