Lafayette College
TIER Campus Success Program Outcomes

Shibboleth IdP Package Customization and Integration
midPoint Identity Registry Evaluation

The Problem

Shibboleth IdP Package

  • Local customizations
    • Shib-CAS plugin
    • REFEDS MFA Profile
  • No infrastructure support for Docker

midPoint

  • Custom employee identity registry (Accounts Workflow)
    • Operational gaps
  • Lack of familiarity with component

The Solution

Shibboleth IdP Package

  • Strategy for implementation
    • Configuration files
    • Orchestration
  • Local requirements as native options
    • Unicon adds MFA signaling to plugin
    • Internet2 package copies local configuration into Docker image

midPoint

    • Expected Accounts Workflow replacement
    • Provisioning challenges
      • LDAP directory connection and resource schema files
    • Example files
    • Reconciliation
    • Shortened timeline

The Result

Shibboleth IdP Package

  • Production IdP in a Docker container
  • Docker platform provides operational benefits
    • Surrounding execution environment no longer matters
  • Persistent Java memory allocation problem resolved
  • Unicon and Internet2 SME Paul Caskey critical to success

midPoint

  • Focus on provisioning and synchronization capabilities
  • Is flexible but meeting use case requires customization
  • Need for database in front to make it subject-aware
  • Possible partial replacement

Campus Success Program Home: https://tinyurl.com/lafayettecsp