I'm the developer of a room-scheduling system used by several different labs/departments at MIT, including MIT Economics. We're currently adding support for Touchstone authentication, and Andy Dorner passed along your guide:
First, I wanted to say that this has been extremely helpful since we also decided to directly implement a SAML Service Provider rather than using Shibboleth SP. Thank you!
I have one suggestion for the guide. I don't believe ngrok is necessary for local testing of a SAML SP against https://samltest.id/ (the new incarnation of http://www.testshib.org/). I produced SAML SP metadata containing localhost URLs, uploaded it to samltest, and everything worked fine. I think this is because there is no back-channel communication at all - i.e. samltest never actually talks directly to the SP; everything goes through the user's browser. So if the browser is on my machine, the localhost URLs will be interpreted correctly.
Anyway, thanks again for publishing your SAML/Touchstone guide and I hope this small bit of feedback is helpful.
Hi @JPrevost,
I'm the developer of a room-scheduling system used by several different labs/departments at MIT, including MIT Economics. We're currently adding support for Touchstone authentication, and Andy Dorner passed along your guide:
https://github.com/MITLibraries/guides/blob/master/authentication/touchstone_saml.md
First, I wanted to say that this has been extremely helpful since we also decided to directly implement a SAML Service Provider rather than using Shibboleth SP. Thank you!
I have one suggestion for the guide. I don't believe ngrok is necessary for local testing of a SAML SP against https://samltest.id/ (the new incarnation of http://www.testshib.org/). I produced SAML SP metadata containing localhost URLs, uploaded it to samltest, and everything worked fine. I think this is because there is no back-channel communication at all - i.e. samltest never actually talks directly to the SP; everything goes through the user's browser. So if the browser is on my machine, the localhost URLs will be interpreted correctly.
Anyway, thanks again for publishing your SAML/Touchstone guide and I hope this small bit of feedback is helpful.
Bill Gross EnduraCode