Using custom metadata for my SP
vjger69 at gmail.com
Thu Feb 6 06:48:24 EST 2020
Peter Schober wrote
> * Vjger <
> > [2020-02-06 11:56]:
>> Now I need to federate my SP with external IDPs and so I need to
>> customize the SP metadata in according to IDPS requisites about
>> metadata and assertion.
> That should not be the case: Your metadata describes your SP,
> independently from who's asking.
Correct but the informations required by external idps are more of what is
required by my internal shibboleth idp.
a) requires an Organization element but my current metadata (got by
Shibboleth.sso/metadata) doesn't contain it.
b) requires <md:AttributeConsumingService> element but my current metadata
(got by Shibboleth.sso/metadata) doesn't contain it.
Why would the SP need to "know and use" metadata about itself?
It's (only) the IDPs that will need the SP's metadata.
Ok, I suspected it but I've two questions:
1) what happens if i produce and share my custom metadata with two
certificates (tag <md:KeyDescriptor use="signing"> and
<md:KeyDescriptor use="encryption">) and into shibboleth2.xml tag
<CredentialResolver> use different pem files? I would have a conflict,
2) how i can get my custom metadata by Shibboleth.sso/Metadata url?
Sent from: https://shibboleth.1660669.n2.nabble.com/Shibboleth-Users-f1660767.html
More information about the users