quick expiry of SP Meta data

Tom Scavo trscavo at gmail.com
Fri May 3 12:10:09 EDT 2019

On Fri, May 3, 2019 at 4:08 AM Lalith Jayaweera <ljayaweera at gmail.com> wrote:
> Please let me know how to proceed on this.

The question how to manage untrusted metadata comes up periodically so
I contributed a solution. [1] Basically the process consists of
downloading the new metadata and comparing it with the old metadata.
If there's no change (apart from the validUntil attribute), simply
move the new metadata into the source directory. Otherwise, notify a
human that the new metadata needs to be reviewed. Except for the
review process, all of this can be scripted.

Hope this helps,


[1] https://wiki.shibboleth.net/confluence/x/FoWqAg

More information about the users mailing list