From d02aae308bfcec98a23990273708456eb77dcacd Mon Sep 17 00:00:00 2001
From: "Hahn Axel (hahn)" <axel.hahn@unibe.ch>
Date: Tue, 17 Sep 2024 18:02:17 +0200
Subject: [PATCH] update docs

---
 docs/30_Requirements.md |  1 +
 docs/40_Installation.md | 21 +++++++++++++++++++--
 2 files changed, 20 insertions(+), 2 deletions(-)

diff --git a/docs/30_Requirements.md b/docs/30_Requirements.md
index 03d6241..ec9e519 100644
--- a/docs/30_Requirements.md
+++ b/docs/30_Requirements.md
@@ -2,3 +2,4 @@
 
 * PHP 8 (up to 8.3)
 * PHP web application with mod_shibboleth
+* Shibboleth must be configured to allow logins from other organizations
diff --git a/docs/40_Installation.md b/docs/40_Installation.md
index b8a7bd9..bdb5d51 100644
--- a/docs/40_Installation.md
+++ b/docs/40_Installation.md
@@ -1,5 +1,22 @@
 ## Installation
 
-* In the webroot create a subfolder "login_aai".
+* In the webroot create a subfolder "login_aai". 
+* Extract the files there.
+* Do NOT protect this folder with Shibboleth that it can be accessed anonymous
+* Copy config.php.dist to config.php and make your changes. See chapter Configuration.
 * Set a Link for Login to `/login_aai/` where needed
-* Copy config.php.dist to config.php and make your changes.
+
+The web ui offers just a frontend for your visitors to link multiple organisations.
+
+That the login at other IDP work you need to
+
+* create a Service provider on your AAI Federation
+* configure Shibboleth and whitelist the wanted IDPs
+* For access from other federations (countries):
+  * You and your partner need to enablle EDUGAIN.
+  * The parter IDP must enable the domain of your website
+
+Links:
+
+* <https://en.wikipedia.org/wiki/Shibboleth_(software)>
+* <https://met.refeds.org/>
-- 
GitLab