We’re having trouble figuring out how we should setup a test environment. Our development environments sit behind a firewall and are not on the Domain where our IdP solution will eventually live. The service provider has given us their metadata file and now want a file from us. However I don’t know what to put into this file since the local development PCs are not in the production domain.
FYI: Our solution will require a private data store for authentication. Not AD/LDAP.
any guidance would be appreciated.
Kevin
Will users start at the IdP site (IdP-initiated SSO) or SP site (SP-initiated SSO)?
Your IdP only needs to be accessible from the browser attempting to perform SSO as all communications go via the browser.
What this means in a test environment is that as long as you are testing from within the same test environment (ie running your browser within the same test environment), you will be able to access the IdP and perform SSO.
What won’t work is if the SP attempts to initiate SSO from outside your test environment as they won’t be able to access your IdP located in the test environment.
Let me know whether this is IdP-initiated or SP-initiated SSO and I can provide further suggestions.