In order for the testbed to be successful, we need to provide a description of the architecture and clear requirements to the software vendors that may add their products to it.
The architecture is based on docker. The SAML software to be tested should be available as self-contained docker images. However, we also need to make sure that they can interfederate with each other.
The requirements of this are the following.
Domain Name Resolution: There needs to be a mechanism for discovering what IP addresses got assigned to individual docker images. The docker images should have a local domain name that should be resolved. The initial proposal is to generate a hosts file and have the docker images use their pre-allocated slots.
Metadata Exchange: each docker image should make its metadata available for download on a pre-arranged endpoint. Furthermore, each docker image should know about the metadata of the other images. Therefore they either need to use a pre-arranged MDX service or they need to have some pre-arranged way for taking up metadata, i.e., via a mounted folder specifically for this purpose
The logs should be made available from outside of the docker images for investigation. For better debugging it is advised that debug mode is used.
Any IdPs should support a pre-arranged set of test users' credentials and released attributes, in order to support automated testing.