Question re: SP config to consume metadata
David Bantz
dabantz at alaska.edu
Thu May 15 14:31:29 EDT 2014
Closing the loop on this thread:
Tom’s Whitelist filter suggestion works (not surprisingly) to filter out the entities other than that listed,
enabling the SP to consume/update my IdP metadata from signed InC metadata repository.
<MetadataProvider type=“XML”
uri="http://md.incommon.org/InCommon/InCommon-metadata.xml"
backingFilePath=“partner-metadata.xml”
reloadInterval="7200”>
<MetadataFilter type=“RequireValidUntil" maxValidityInterval="2419200”/>
<MetadataFilter type="Signature" certificate="incommon.pem”/>
<MetadataFilter type="Whitelist">
<Include>my_idp_entityID_here</Include>
</MetadataFilter>
</MetadataProvider>
This use appears adequately documented at
https://wiki.shibboleth.net/confluence/display/SHIB2/NativeSPMetadataFilter#NativeSPMetadataFilter-WhitelistMetadataFilter
David Bantz
U Alaska
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://shibboleth.net/pipermail/users/attachments/20140515/b749e9f1/attachment-0001.html
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 163 bytes
Desc: Message signed with OpenPGP using GPGMail
Url : http://shibboleth.net/pipermail/users/attachments/20140515/b749e9f1/attachment-0001.bin
More information about the users
mailing list