Tech Info
Kalmar Union Technology
Kalmar Union is based on SAML 2.0 technology, and a full mesh of Identity and Service Providers exchanging SAML 2.0 assertions directly. Several SAML 2.0 products are in use, SimpleSAMLphp and Shibboleth being the most widely used. Kalmar Union makes use of the Interoperable Web single sign-on deployment profile of SAML 2.0.
Kalmar Union Metadata
Each member federation makes use of the SAML 2.0 metadata specification to provide a list of Identity and Service Providers that are exposed to Kalmar Union. Kalmar Union aggregates the national SAML 2.0 metadata files to provide a SAML 2.0 metadata file for Kalmar Union. The metadata includes also a list of attributes the Service Providers request from the Identity Providers.
| Description | Link (example) |
|---|---|
| Aggregated Kalmar metadata | Full set |
| Use mimetype=application/xml parameter to make it open in a web browser | Full set (browser friendly) |
| Use exclude parameter with a country tag (norway, finland, sweden, denmark) to drop a country | Full set excluding Norway |
| Use set=saml20-idp-remote parameter to include IdPs only | IdPs only |
| Use set=saml20-sp-remote parameter to include SPs only | SPs only |
| Shibboleth 2.x attribute filter policy for convenience in Haka federation | Shibboleth afp |
| The certificate used for signing the metadata | Metadata signing certificate |
Kalmar IdP Discovery Service
Kalmar Union provides a Discovery Service that the Service Providers can utilise to locate the end user's Identity Provider in his/her home country.
To use the Discovery Service, use the following endpoint with the IdP Discovery Service protocol:
Login buttons
Feel free to use the buttions on your login-page.
Attributes in Kalmar Union
Participating federations use different sets of attributes:
More information
Mailing lists
Links
