How to set the federation Name when using LocalDynamicMetadataProvider / DynamicHTTPMetadataProvider?

Cantor, Scott cantor.2 at osu.edu
Mon Jul 15 11:50:52 EDT 2019


On 7/15/19, 11:31 AM, "users on behalf of Leite, Zailo S." <users-bounces at shibboleth.net on behalf of zleite at caltech.edu> wrote:

> My issue is that when I use DynamicHTTPMetadataProvider (in this case, 
> InCommon), I can no longer filter attributes by type "InEntityGroup".

That's why we have been telling people never to do that going forward for many years and to move in other directions. That is not a federation name, it's an arbitrary batch artifact that doesn't work going forward.

> The groupID is not there. That leads to the next question. For my own
> metadata configured with LocalDynamicMetadataProvider, with several
> files, how do I set the EntitiesDescriptor Name value?

You don't/can't.

If you want to set policy based on something specific, it might be "registrar", which is reflected by the Registration and Publication extension in metadata (InCommon's includes that extension) or can be based in some cases on EntityAttribute tags. The RPI extension can be used for attribute filtering but we have no explicit support for it otherwise, other than through writing scripts to enforce conditions by hand.

> Another item is that InCommon metadata retrieved via metadata query has
> an empty signature value. Is it even possible to set signing on the
> Metadata Query interface?

I know that InCommon's service signs its metadata, but this isn't an InCommon list and I don't know what they are or aren't doing for sure.

-- Scott
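
The registrar-based alternative mentioned in the reply above, sketched as an added example that is not part of the original thread or of Shibboleth's own code: it reads the Registration and Publication extension and any EntityAttribute tags from a single per-entity EntityDescriptor and makes a release decision by hand. The function names `policy_facts` and `release_allowed`, the sample entity, and the registrar URL are constructed for illustration.

```python
import xml.etree.ElementTree as ET

NS = {
    "md": "urn:oasis:names:tc:SAML:2.0:metadata",
    "mdrpi": "urn:oasis:names:tc:SAML:metadata:rpi",
    "mdattr": "urn:oasis:names:tc:SAML:metadata:attribute",
    "saml": "urn:oasis:names:tc:SAML:2.0:assertion",
}

# Constructed sample: one EntityDescriptor, as a per-entity metadata source returns it.
# There is no enclosing EntitiesDescriptor, so there is no group Name to match on.
SAMPLE = """<md:EntityDescriptor entityID="https://sp.example.org/shibboleth"
    xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata"
    xmlns:mdrpi="urn:oasis:names:tc:SAML:metadata:rpi"
    xmlns:mdattr="urn:oasis:names:tc:SAML:metadata:attribute"
    xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion">
  <md:Extensions>
    <mdrpi:RegistrationInfo registrationAuthority="https://registrar.example.org"/>
    <mdattr:EntityAttributes>
      <saml:Attribute Name="http://macedir.org/entity-category">
        <saml:AttributeValue>http://refeds.org/category/research-and-scholarship</saml:AttributeValue>
      </saml:Attribute>
    </mdattr:EntityAttributes>
  </md:Extensions>
</md:EntityDescriptor>"""

def policy_facts(xml_text):
    """Return (registrar or None, {tag name: [values]}) for one EntityDescriptor."""
    root = ET.fromstring(xml_text)
    if root.tag != "{%s}EntityDescriptor" % NS["md"]:
        raise ValueError("expected a single md:EntityDescriptor")
    reg = root.find("md:Extensions/mdrpi:RegistrationInfo", NS)
    registrar = reg.get("registrationAuthority") if reg is not None else None
    tags = {}
    for attr in root.findall("md:Extensions/mdattr:EntityAttributes/saml:Attribute", NS):
        values = [v.text.strip() for v in attr.findall("saml:AttributeValue", NS) if v.text]
        tags.setdefault(attr.get("Name"), []).extend(values)
    return registrar, tags

def release_allowed(xml_text, trusted_registrars, required_tag=None):
    """Decide on registrar first, then on an optional (name, value) entity tag."""
    registrar, tags = policy_facts(xml_text)
    if registrar not in trusted_registrars:
        return False  # also rejects metadata that is silent about its registrar
    if required_tag is None:
        return True
    name, value = required_tag
    return value in tags.get(name, [])
```

This only reads the extension; metadata should have passed signature validation before a decision is based on its contents.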