Navigation
- Overview
- Strategy and Planning
- Server preparation
- LDAP Configuration
- Migrating config and data
- Testing
- Go Live
- Upgrading and maintenance
AAF IdP Installer Home
Developed at
Open Source code hosted at
Testing Your IdP 
Thoroughly testing your IdP is essential before you release it to your users. Any errors found after the release will be mush more difficult to resolve.
###Testing from your desktop From a desktop where the local hosts file has an entry for the new server with the old name.
- Windows: C:\Windows\System32\drivers\etc\hosts
- Linux: /etc/hosts
Continuous testing as you progress
- don’t assume it will all work the first time through
- test after every upgrade_idp.sh script run
- using multiple accounts if possible
###Attribute Validator Use the Attribute Validator, it’s a testing tool provided by the AAF just for this purpose.
-
Verify the attributes values match those you recorded at the start of your upgrade.
-
Have several people do this test, both before and after the upgrade
If you get an Error 500 from the Attribute Validator it generally means the SharedToken value has changed for the user.
###Other Federation Services Verify against as many services that you have previously visited
Some examples may include:
If you have visited them before you should be recognized at the service, ie the dashboards should contain the same information as if you logged in using your IdPv2
Test ALL of your bi-lateral services.
###INSIDE And OUTSIDE your firewall
Ensure you test your IdP from multiple locations
- On campus
- Off campus - with no VPN
- Off campus - via your VPN
This will ensure all corporate firewalls and IPS systems are configured correctly.
###ECP Testing
Your new IdP will have ECP enabled. You can do some initial testing now, but you will need to do some advanced test after you go live.
For now you can exercise the ECP end point:
https://YOUR.SERVER.DOMAIM.NAME/idp/profile/SAML2/SOAP/ECP
If working correctly you will receive a Dialogue Login Box. If you now enter a valid username you will receive some xml with “An error occurred.” imbedded.
###Restart the server The ultimate test is to restart the server. This will verify that all of the components restart correctly and connection to external services such as your LDAP server re-connect.
You should re-run all of your testing after the system re-boots.
##Next Step Your new IdP is now fully tested, it’s time to go live.