The Identity Provider (IdP) is a piece of software that
- can speak the SAML2 protocol with the other federation participants,
- and can get user data from your backend directories and/or databases.
Belnet will document the first part. The second part varies from organization to organization, which makes it impossible to build comprehensive documentation. There are two well-documented, open source implementations of SAML2 that are common in academic federations like the Belnet R&E Federation: Shibboleth and SimpleSAMLphp.
Shibboleth uses Java and Tomcat, while SimpleSAMLphp is based on PHP. Belnet has chosen the Shibboleth implementation. You may use SimpleSAMLphp, but we will only give some support for Shibboleth, as the official Shibboleth website and mailing list are authoritative.
These pages give you all the necessary information to set up your IdP:
- IdP with Shibboleth 3.1.2 on Ubuntu Linux (from version 14.04 LTS)
- Windows with ADFS: ADFS 3.0 IdP for windows2k12 in Belnet Federation
- Windows: you may also read this useful document from KULeuven: