At the time of installation, the IdP entityID defaults to a URI given by this line of code in build.xml:
where idp.host.name is given by:
That particular default entityID is suboptimal for at least two reasons:
- Since the entityID is a name, not a location, the host part of the entityID need not be the same as the host part of the endpoint locations.
- The string "shibboleth" in the entityID is a form of "vendor lock-in", since it names the software product.
Once defined, an entityID should NEVER change. Changing an entityID is essentially starting from scratch. In that sense, the entityID is permanent, so its value must be chosen with great care.
I don't want to be prescriptive, but the following default entityID is preferable to the one above:
That is a much better entityID since it only depends on the domain, which rarely changes.