Introduction

The Federation Registry (FR) is an extensible web application that defines a list of subscribing Organisations with a collection of Identity Providers (IdPs) and Service Providers (SPs). The FR provides a central point for the registration, management and reporting of IdPs and SPs that participate in a standards-compliant SAML2 identity federation.


Subscribing organisations manage their collection of services within the FR, making the tool self-service centric. An organisational administrator can request the creation of an organisation from the federation operator. On approval, the new organisation becomes visible within the FR, and IdPs and SPs can then be created for it.


The Australian Access Federation is the developer of the FR and releases the code under the permissive Apache 2.0 open source license. Source code and issue tracking are hosted on GitHub.

The GitHub repository has been archived by the owner. It is now read-only.
Details

Key Features

  • Management of all aspects of SAML2 compliant Identity and Service Providers 
  • SAML2 compliant metadata generation 
  • Automation of Attribute Filter generation to assist administrators
  • Registration of new Organisations, Identity Providers and Service Providers
  • An Organisation can link and manage an unlimited number of IdPs and SPs
  • A personalised dashboard view of the federation is available to all users
  • A browser-based (including mobile) HTML5 compliant user interface which can be branded by the deploying federation organisation
  • Multilingual capable 
  • A fully customisable workflow engine which handles registrations and other critical federation activities
  • In-depth reporting provides insight into the workings of an entire federation 
  • Federation integrated, automatically provisioned user accounts with fine-grained access control


Get Started

The project is available as source code only. A deployer will need to invest time to study the components which make the service operational. Prior experience with Git, SAML, federations and some web development is essential. Experience with Java, Groovy and Grails programming will contribute substantially to the deployment of the code.


Technologies

License Notice

The Federation Registry product includes components written by Highcharts - http://www.highcharts.com and used by the AAF under the Highcharts 'Non-Commercial' license agreement http://creativecommons.org/licenses/by-nc/3.0/.  

The Australian Access Federation Ltd is both a 'not for profit' and Australian University sector organisation. Any organisation deploying Federation Registry must determine how Highcharts licensing applies to their deployment and obtain suitable licenses.


The Federation Registry also provides the following functionality:

  • Maintains contacts and administrator lists for each component
  • Federation utilisation reporting of Identity Providers and Service Providers
  • Compliance reporting
  • Federation workflow management
  • Metadata generation
  • Attribute filter generation
  • Management of federation status monitors, and more


The Federation Registry can be accessed directly in the Test environment at https://manager.test.aaf.edu.au and in the Production environment at https://manager.aaf.edu.au/.


Screenshots


Dashboard





Reporting





SAML Endpoint Management