Please see IQSS/dataverse.harvard.edu#346 for details.
@donsizemore started the effort there, since early on it seemed like it would be possible to work around this by changing shibd configuration alone.
Much simplified:
InCommon-metadata.xml feed is going away.
MDQ protocol is the recommended replacement.
However, the InCommon-metadata.xml feed is what shibd uses to generate "discofeed" (/Shibboleth.sso/DiscoFeed) which in turn the Login page uses to generate the list of participating institutions and cook the redirects to such once the user picks the one they want to use.
Under the new model, there is no local discofeed and no list of providers on the page. A user selecting federated shib auth. on our page is redirected to the InCommon page and their specific provider is selected there. The page needs to be reworked in order to function with this new mechanism.
Please see IQSS/dataverse.harvard.edu#346 for details.
@donsizemore started the effort there, since early on it seemed like it would be possible to work around this by changing shibd configuration alone.
Much simplified:
InCommon-metadata.xml feed is going away.
MDQ protocol is the recommended replacement.
However, the InCommon-metadata.xml feed is what shibd uses to generate "discofeed" (
/Shibboleth.sso/DiscoFeed) which in turn the Login page uses to generate the list of participating institutions and cook the redirects to such once the user picks the one they want to use.Under the new model, there is no local discofeed and no list of providers on the page. A user selecting federated shib auth. on our page is redirected to the InCommon page and their specific provider is selected there. The page needs to be reworked in order to function with this new mechanism.