Shibboleth EDS and Azure

Cantor, Scott cantor.2 at osu.edu
Fri Aug 14 18:27:54 UTC 2020


On 8/14/20, 2:09 PM, "users on behalf of Jason Cormie" <users-bounces at shibboleth.net on behalf of jason.cormie at gmail.com> wrote:
> The first is more for Microsoft than this arena: does anyone know how to get Microsoft to release more useful SAML
> metadata?

You either control the metadata, in which case this answers itself, or the answer is pretty much "when the sun dies".

> My second question: is there a way to inject something into the metadata in the shibboleth2.xml that will be picked up
> by EDS?

Not without moving to something that's completely separate like the MDA software that can munge metadata completely (we even came up with a set of rules for it that will produce the JSON directly so the SP doesn't need aggregates). There are no filters to add this sort of thing in the SP itself.

The general answer would be that remotely relying on Azure's metadata is probably pointless anyway since I doubt it's signed, managed correctly, appropriately expiring, divorced from the configuration to allow for key changes, etc. And a local copy can of course be modified.

-- Scott
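
The properties named in the reply above (signed, carrying an expiry) can be checked on a local copy of IdP metadata before an SP is pointed at it. The following is an added example, not part of the original post or of any Shibboleth tooling; the function name `audit_metadata`, the finding labels and the sample document are constructed for illustration.

```python
import xml.etree.ElementTree as ET
from datetime import datetime, timezone

MD = "urn:oasis:names:tc:SAML:2.0:metadata"
DS = "http://www.w3.org/2000/09/xmldsig#"

# Constructed sample: an unsigned EntityDescriptor with no validUntil.
SAMPLE = f"""<EntityDescriptor xmlns="{MD}" xmlns:ds="{DS}"
    entityID="https://idp.example.org/idp">
  <IDPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol">
    <KeyDescriptor use="signing">
      <ds:KeyInfo><ds:X509Data>
        <ds:X509Certificate>CONSTRUCTED</ds:X509Certificate>
      </ds:X509Data></ds:KeyInfo>
    </KeyDescriptor>
    <SingleSignOnService
        Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect"
        Location="https://idp.example.org/sso"/>
  </IDPSSODescriptor>
</EntityDescriptor>"""


def audit_metadata(xml_text, now=None):
    """Return findings for one metadata document (a trusted local file)."""
    now = now or datetime.now(timezone.utc)
    root = ET.fromstring(xml_text)
    findings = []
    # An enveloped signature is a direct child of the root element.
    # This checks presence only; it does not validate the signature.
    if root.find(f"{{{DS}}}Signature") is None:
        findings.append("unsigned")
    valid_until = root.get("validUntil")
    if valid_until is None:
        # Without validUntil a stale copy is never rejected on age alone.
        findings.append("no-validUntil")
    else:
        expiry = datetime.fromisoformat(valid_until.replace("Z", "+00:00"))
        if expiry.tzinfo is None:
            # Assumption: a value without a zone is treated as UTC.
            expiry = expiry.replace(tzinfo=timezone.utc)
        if expiry <= now:
            findings.append("expired")
    return findings


if __name__ == "__main__":
    print(audit_metadata(SAMPLE))
```

An empty result means only that a signature element and an unexpired `validUntil` are present; verifying the signature against a pinned key is a separate step.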



