Deprecated
Note that this page has been deprecated. The information it contains is no longer current.
Dynamic Analysis of IdP Endpoints in Metadata
InCommon Operations periodically probes browser-facing endpoints in IdP metadata for liveness. The goal of this probing operation is to alert site administrators about possible deployment issues involving InCommon IdPs.
There are service providers in the Federation that offer a comprehensive list of IdPs on their discovery interface. If your IdP has issues, your users may hit a dead end when they choose your IdP on a discovery interface. This results in a poor user experience and reflects badly on the Federation. Consequently, if you, as an IdP operator, are unable to fix or repair your IdP in short order, it is strongly RECOMMENDED that you self-assert the Hide From Discovery Category until the issues can be resolved. Once you insert the hide-from-discovery
entity attribute (via the Federation Manager), your IdP will be removed from the list below.
The following tables list the codes used to classify IdPs and endpoints:
Curl Exit Code | Interpretation | IdP Classification |
---|---|---|
0 | Successful | Alive |
6 | DNS name resolution failed | Dead |
7 | Host unreachable | Dead |
28 | Timeout | Unresponsive |
35 | SSL connection error | Indeterminate |
51 | SSL certificate of peer was unacceptable | Indeterminate |
52 | The server did not reply to the request | Indeterminate |
56 | Receipt of network data failed | Indeterminate |
HTTP Response Code | Interpretation | Endpoint Classification |
---|---|---|
000 | No response | See curl exit code |
200 | OK | Success |
302 | Found | See curl exit code |
400 | Bad Request | Unknown |
401 | Unauthorized | Basic Auth required? |
404 | Not Found | Bad endpoint location |
500 | Internal Server Error | Server misconfiguration? |
503 | Service Unavailable | Unknown |
An endpoint probe results in a curl exit code. A zero exit code indicates success while a nonzero exit code indicates failure. See the curl man page for a brief description of possible exit codes.
An endpoint probe that produces both curl exit code 0 and HTTP response code 200 is considered a successful probe. All unsuccessful probes are listed in the following table (which was produced on May 20, 2016):
OrganizationName IdP DisplayName IdP entityID Endpoint Location Curl Exit Code HTTP Response Code Virginia Community College System Virginia Community College System http://adfs.directory.vccs.edu/adfs/services/trust https://adfs.directory.vccs.edu/adfs/ls/ 6 000 ServiceNow ServiceNow http://idp.devsnc.com/openam https://idp.devsnc.com/openam/SSORedirect/metaAlias/idp 0 500 Chaminade University of Honolulu Chaminade University of Honolulu https://auth.chaminade.edu/idp/shibboleth https://auth.chaminade.edu/idp/profile/SAML2/Redirect/SSO 0 500 University of Miami University of Miami https://caneid.miami.edu/idp/shibboleth https://caneid.miami.edu/idp/profile/SAML2/Redirect/SSO 56 200 California Maritime Academy California Maritime Academy https://cma-shibboleth.csum.edu/idp/shibboleth https://cma-shibboleth.csum.edu/idp/profile/SAML2/Redirect/SSO 0 401 Emerson College Emerson College https://duo.emerson.edu/dag/saml2/idp/metadata.php https://duo.emerson.edu/dag/saml2/idp/SSOService.php 0 500 Comodo CA Ltd. Comodo CA Ltd. https://heimdall.comodo.net/idp/shibboleth https://heimdall.comodo.net/idp/profile/SAML2/Redirect/SSO 0 404 Carnegie Mellon University Carnegie Mellon University Tartan-ConnectID for Guests https://identity.andrew.cmu.edu/idp/shibboleth https://identity.andrew.cmu.edu/idp/profile/SAML2/Redirect/SSO 0 401 National Science Foundation National Science Foundation https://identity.research.gov/sso https://identity.research.gov/sso/SSORedirect/metaAlias/research/idp 0 500 California State University, Office of the Chancellor California State University, Office of the Chancellor https://idp-co.calstate.edu/idp/shibboleth https://idp-co.calstate.edu/idp/profile/SAML2/Redirect/SSO 0 401 Contra Costa Community College District Contra Costa Community College District https://idp.4cd.edu/idp/shibboleth https://idp.4cd.edu/idp/profile/SAML2/Redirect/SSO 7 000 Bridgewater College Bridgewater College https://idp.bridgewater.edu/simplesaml https://idp.bridgewater.edu/simplesaml/saml2/idp/SSOService.php 0 500 RSmart RSmart https://idp.cloud.rsmart.com/saml https://idp.cloud.rsmart.com/saml/saml2/sso 0 404 Fermi National Accelerator Laboratory Fermi National Accelerator Laboratory https://idp.fnal.gov/idp/shibboleth https://pingprod.fnal.gov:9031/idp/SSO.saml2 0 500 Lock Haven University Lock Haven University https://idp.lhup.edu/idp/shibboleth https://idp.lhup.edu/idp/profile/SAML2/Redirect/SSO 28 000 Merit Network, Inc. Merit Network, Inc. https://idp.merit.edu https://merit-idp01.merit.edu/ssp/saml2/idp/SSOService.php 0 401 Oak Ridge National Laboratory Oak Ridge National Laboratory https://idp.ornl.gov/idp https://extidp.ornl.gov:9031/idp/SSO.saml2 0 500 Parchment, Inc. Parchment, Inc. https://idp.parchment.com/idp/shibboleth https://idp.parchment.com/idp/profile/SAML2/Redirect/SSO 0 404 SHI International Corporation SHI International Corporation https://idp.shi.com https://internal.shi.com/idp/profile/SAML2/Redirect/SSO 28 000 Symplicity Corporation Symplicity Corporation https://idp.symplicity.com/idp/shibboleth https://idp.symplicity.com/idp/profile/SAML2/Redirect/SSO 28 000 University of the District of Columbia University of the District of Columbia https://idp.udc.edu/idp/shibboleth https://idp.udc.edu/idp/profile/SAML2/Redirect/SSO 28 000 University of Texas-Pan American University of Texas-Pan American https://idp1.utpa.edu/idp/shibboleth https://idp1.utpa.edu/idp/profile/SAML2/Redirect/SSO 35 000 Wake Tech Community College Wake Tech Community College https://incommon.waketech.edu/idp/shibboleth No HTTP-Redirect endpoint NA NA Thomas Jefferson National Accelerator Facility Thomas Jefferson National Accelerator Facility https://jidp.jlab.org/idp/shibboleth https://jidp.jlab.org/idp/profile/SAML2/Redirect/SSO 28 000 LIGO Scientific Collaboration LIGO Scientific Collaboration https://login.ligo.org/idp/shibboleth https://login.ligo.org/idp/profile/SAML2/Redirect/SSO 0 401 Regis University Regis University https://login.regis.edu https://login.regis.edu/idp/SSO.saml2 0 404 Coppin State University Coppin State University https://oba.coppin.edu/idp/shibboleth https://oba.coppin.edu/idp/profile/SAML2/Redirect/SSO 0 404 University of Colorado Denver University of Colorado Denver https://passport.ucdenver.edu/oam/fed https://passport.ucdenver.edu/oamfed/idp/samlv20 56 302 Adventist University of Health Sciences Adventist University of Health Sciences https://saml.adu.edu https://saml.adu.edu/simplesaml/saml2/idp/SSOService.php 0 500 Nelnet Business Solutions Nelnet Business Solutions https://saml.nelnet.net https://gatekeeper.factsmgt.com/idp/SSO.saml2 0 500 Southern Illinois University Southern Illinois University https://shib-idp.siu.edu/idp/shibboleth https://shib-idp.siu.edu/idp/profile/SAML2/Redirect/SSO 35 302 University of Texas Health Science Center At Houston University of Texas Health Science Center At Houston https://shib-idp2.uth.tmc.edu/idp/shibboleth https://shib-idp2.uth.tmc.edu/idp/profile/SAML2/Redirect/SSO 0 400 Florida State University Florida State University https://shib.its.fsu.edu/idp/shibboleth No HTTP-Redirect endpoint NA NA McNally Smith College McNally Smith College https://shib.mcnallysmith.edu/idp/shibboleth https://shib.mcnallysmith.edu/idp/profile/SAML2/Redirect/SSO 7 000 University of Texas of the Permian Basin University of Texas of the Permian Basin https://shibb.utpb.edu/idp/shibboleth https://shibb.utpb.edu/idp/profile/SAML2/Redirect/SSO 0 400 University of California Hastings College of the Law University of California Hastings College of the Law https://shibboleth.uchastings.edu/idp/shibboleth https://shibboleth.uchastings.edu/idp/profile/SAML2/Redirect/SSO 56 000 West Chester University of Pennsylvania West Chester University of Pennsylvania https://shibidp.wcupa.edu/idp/shibboleth https://shibidp.wcupa.edu/idp/profile/SAML2/Redirect/SSO 28 000 Augsburg College Augsburg College https://sso.augsburg.edu/simplesaml/saml2/idp/metadata.php https://sso.augsburg.edu/simplesaml/saml2/idp/SSOService.php 0 500 Hampden-Sydney College Hampden-Sydney College https://sso.hsc.edu/adfs/services/trust https://sso.hsc.edu/adfs/ls/ 35 000 Merchant Preservation Services Merchant Preservation Services https://thelonious.campusguard.com/idp/shibboleth https://thelonious.campusguard.com/idp/profile/SAML2/Redirect/SSO 28 000 Meredith College Meredith College https://webauth.meredith.edu/idp/shibboleth https://webauth.meredith.edu/idp/profile/SAML2/Redirect/SSO 0 404 Davie County Schools Davie County Schools urn:mace:incommon:davie.k12.nc.us No HTTP-Redirect endpoint NA NA Medical University of South Carolina Medical University of South Carolina urn:mace:incommon:musc.edu No HTTP-Redirect endpoint NA NA OhioLink OhioLink urn:mace:incommon:ohiolink.edu https://authdb.ohiolink.edu/idp/profile/SAML2/Redirect/SSO 0 401