Using custom metadata for my SP
Vjger
vjger69 at gmail.com
Thu Feb 6 06:48:24 EST 2020
Peter Schober wrote
> * Vjger <
> vjger69@
> > [2020-02-06 11:56]:
>> Now I need to federate my SP with external IDPs and so I need to
>> customize the SP metadata in according to IDPS requisites about
>> metadata and assertion.
>
> That should not be the case: Your metadata describes your SP,
> independently from who's asking.
Correct but the informations required by external idps are more of what is
required by my internal shibboleth idp.
Two examples:
a) requires an Organization element but my current metadata (got by
Shibboleth.sso/metadata) doesn't contain it.
b) requires <md:AttributeConsumingService> element but my current metadata
(got by Shibboleth.sso/metadata) doesn't contain it.
Why would the SP need to "know and use" metadata about itself?
It's (only) the IDPs that will need the SP's metadata.
Ok, I suspected it but I've two questions:
1) what happens if i produce and share my custom metadata with two
certificates (tag <md:KeyDescriptor use="signing"> and
<md:KeyDescriptor use="encryption">) and into shibboleth2.xml tag
<CredentialResolver> use different pem files? I would have a conflict,
isnt'it?
2) how i can get my custom metadata by Shibboleth.sso/Metadata url?
Thanks more.
--
Sent from: https://shibboleth.1660669.n2.nabble.com/Shibboleth-Users-f1660767.html
More information about the users
mailing list