The table below attempts to show some of the existing monitoring tools that are available for SAML entities and federations, what they focus on and what results they deliver. The idea is to look at where we are currently delivering tools, how we present them, where we can combine efforts and, most importantly, if we can combine results in a convenient and coherent report for entities.
Questions to ask:
- Do we currently have all the right tools that we want (and preferably are we cooperating on tool development and not duplicating)?
- Have we defined all the tests that we want in the right contexts (e.g. test for eduGAIN compliance vs local federation compliance vs general SAML compliance)?
- How are we promoting
Check Type | Purpose | REFEDS | eduGAIN | Wider | When Run | Report Given | Comments |
---|---|---|---|---|---|---|---|
SAML Deployment Profile checks | To check compliance against SAML deployments in given contexts | FedLab: SAML2Int | eduGAIN metadata validator - tests against the eduGAIN Metadata Profile SAML2Int? - no test run against the SAML2Int SHOULD | Testing during deployment process by IdPs and SPs. | |||
SAML Configuration Check | To test specific elements of the way of SAML deployment is configured and whether it is operational | N/A | TestShib | Fedlab: MCCS - Metadata Monitoring Service | Testing during service operation to flag operational issues. | ||
Verify Entity Categories | FedLab: Entity Check Need R&S monitor? | CoCo Monitor eduGAIN Attribute Release Check (in development) | FedLab: Entity Check | ||||
Check Attribute Release | |||||||
Test IdP / Access Check | TestShib | ||||||
Metadata Explorer | |||||||
IsFederated | |||||||