xml question about conf files
Kevin Foote
kpfoote at uoregon.edu
Fri Mar 14 15:19:10 EDT 2014
You should be able to simply change your MD Provider entry to be the simplified version
<metadata:MetadataProvider xsi:type=“metadata:FilesystemMetadataProvider”
id=“CORNELLSP"
metadataFile="/app/shibboleth/shibboleth-idp/metadata/cornellsp-md.xml" />
--------
thanks
kevin.foote
On Mar 14, 2014, at 12:10 PM, Joy Veronneau <jv11 at cornell.edu> wrote:
>
> Hi,
>
> We have a production IDP which used to be Shibboleth 1.3 but was years ago upgraded to 2.x. Our test IdP was installed as a version 2.x IdP. I've noticed that when I move relying-party.xml configs from test to production, the production system doesn't seem to understand the same syntax. For example, if the stanza contains something like this:
>
> <metadata:MetadataProvider xsi:type="metadata:FilesystemMetadataProvider" xmlns="urn:mace:shibboleth:2.0:metadata"
> id="CORNELLSP"
> metadataFile="/app/shibboleth/shibboleth-idp/metadata/cornellsp-md.xml" />
>
> I have to change it to remove the "metadata:" part at the beginning.
>
> The first few lines in my relying-party.xml file in TEST are:
>
> <rp:RelyingPartyGroup xmlns:rp="urn:mace:shibboleth:2.0:relying-party"
> xmlns:saml="urn:mace:shibboleth:2.0:relying-party:saml"
> xmlns:metadata="urn:mace:shibboleth:2.0:metadata"
> xmlns:resource="urn:mace:shibboleth:2.0:resource"
> xmlns:security="urn:mace:shibboleth:2.0:security"
> xmlns:samlsec="urn:mace:shibboleth:2.0:security:saml"
> xmlns:samlmd="urn:oasis:names:tc:SAML:2.0:metadata"
> xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
> xsi:schemaLocation="urn:mace:shibboleth:2.0:relying-party
> classpath:/schema/shibboleth-2.0-relying-party.xsd
> urn:mace:shibboleth:2.0:relying-party:saml
> classpath:/schema/shibboleth-2.0-relying-party-saml.xsd
> urn:mace:shibboleth:2.0:metadata classpath:/schema/shibboleth-2.0-metadata.xsd
> urn:mace:shibboleth:2.0:resource classpath:/schema/shibboleth-2.0-resource.xsd
> urn:mace:shibboleth:2.0:security classpath:/schema/shibboleth-2.0-security.xsd
> urn:mace:shibboleth:2.0:security:saml classpath:/schema/shibboleth-2.0-security-policy-saml.xsd
> urn:oasis:names:tc:SAML:2.0:metadata classpath:/schema/saml-schema-metadata-2.0.xsd">
>
>
> and in production the first lines are:
>
> <RelyingPartyGroup xmlns="urn:mace:shibboleth:2.0:relying-party"
> xmlns:saml="urn:mace:shibboleth:2.0:relying-party:saml"
> xmlns:metadata="urn:mace:shibboleth:2.0:metadata"
> xmlns:resource="urn:mace:shibboleth:2.0:resource"
> xmlns:security="urn:mace:shibboleth:2.0:security"
> xmlns:samlsec="urn:mace:shibboleth:2.0:security:saml"
> xmlns:samlmd="urn:oasis:names:tc:SAML:2.0:metadata"
> xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
> xsi:schemaLocation="urn:mace:shibboleth:2.0:relying-party classpath:/schema/shibboleth-2.0-relying-party.xsd
> urn:mace:shibboleth:2.0:relying-party:saml classpath:/schema/shibboleth-2.0-relying-party-saml.xsd
> urn:mace:shibboleth:2.0:metadata classpath:/schema/shibboleth-2.0-metadata.xsd
> urn:mace:shibboleth:2.0:resource classpath:/schema/shibboleth-2.0-resource.xsd
> urn:mace:shibboleth:2.0:security classpath:/schema/shibboleth-2.0-security.xsd
> urn:mace:shibboleth:2.0:security:saml classpath:/schema/shibboleth-2.0-security-policy-saml.xsd
> urn:oasis:names:tc:SAML:2.0:metadata classpath:/schema/saml-schema-metadata-2.0.xsd">
>
> So I am wondering what I need to do to make the two relying-party.xml files more compatable xml-wise? It seems like the test idp understands a syntax that production doesn't.
>
> Thanks,
>
> Joy
>
>
> --
> To unsubscribe from this list send an email to users-unsubscribe at shibboleth.net
More information about the users
mailing list