AAF Federations

The AAF provides two complementary technical Federations, a Test
Federation and a Production Federation.

The AAF Production Federation provides a high level of trust, high availability and is only for the registration of production services. The AAF Test Federation is provided to enable organisations to assess the technologies of the AAF and for software development and testing.

Policy on the use of each federation can be found here: AAF Usage Policy

The two federations operate completely independently. The AAF Test federation is just that a test environment that is used by the AAF to test patches and upgrades before applying to Production. Similarly the test environment can be used be subscribers to test their Identity Providers and Services before migration to production. 

The AAF recommends
    • Each IdP and SP be registered in only one federation at any time
    • Where feasible, a test version of all Production IdPs and SPs be deployed into the AAF Test environment
    • All installations, changes, upgrades and patches be successfully performed in the AAF Test environment before changing the production environment.

Federation Locations

Having two independent federations requires that they will have different addresses, names, certificates, metadata etc., which will create subtle differences in the configuration of the various components. The major difference will be in the URLs used to reference various components. In general, the test federation will use the domain 'test.aaf.edu.au' while production will use 'aaf.edu.au'. (The word 'test' is removed from the domain).

The following tables provide a list of major technical components detailing the differences between the Test and Production federations. Use "Copy Link Address" from the links below to obtain the correct URL.

Most of the AAF Test environment components will display either "AAF Test Environment" or "AAF - Test Federation Deployment"  prominently on their web user interface.

 Component   Test   Production 
 Federation Name

Entities descriptor found in the AAF Metadata, can also appear in attribute-filter.xml.
 https://md.test.aaf.edu.au/aaf-test-metadata.xml  https://md.aaf.edu.au/aaf-metadata.xml

Location of the AAF Metadata.
 Metadata File

 Signing Certificate
 Production Metadata

 Signing Certificate

 Federation Registry

Tool for managing the technical components of the federation. 

 Test Federation Registry  Production Federation Registry
 Discovery Service (WAYF)

Directs users to their home institution as part of the login process. Required by service providers in the shibboleth2.xml configuration file.

 Test Discovery Service  Production Discovery Service
 AAF Virtual Home Organisation

Identity Provider for users who require access but are not closely associated with an organisation with an IdP. Also provides access to an attribute reflector testing tool.
 Test VHO
 Production VHO