AUSTRALIAN ACCESS FEDERATION
Question: Is your IdP monitored by the AAF Status system?
The AAF status system has been provided to allow everyone from the AAF team, to organisational service desks through to end users to quickly identify issues that may be affecting their ability to use federation services. Having your IdP registered and monitored helps the whole federation.
Monitors can be added through the federation registry using the Monitoring tab in your IdP view.
The following monitors can be defined for your IdP in order of importance.
| Monitor | Description |
|---|---|
| Time Sync | Checks that your IdP server is in time sync with rest of the federation. If you server goes beyond 3 minutes out of sync your IdP will stop working. |
| Shib Basic | Test your IdP is responding with an Ok from its status end point, i.e the IdP is running. |
| SSL - Certificate | Tests the expiry date of your IdP web server certificate. If it is close to expiry a warning will appear, if it expires the server will be marked as down. The IdP may actually continue to work be users will receive warning messages about the expired certificate every time they login. |
| HTTP | Tests your web server to ensure it is responding. |
| Ping | A basic ping of your server to verify it is on the network. |
Recommendation: The AAF Recommends that your IdP be monitored by the AAF monitoring and status service and your configure at least two monitors which includes the Time Sync monitor as one of them.