InCommon MDQ

Lohr, Donald - lohrda lohrda at jmu.edu
Mon Jul 6 23:17:53 UTC 2020 

(as in: one metadata provider with all your non-InC SPs in it) or even

What docs exists that show how to do/configure for this?

never reloading anything at all (as in: using localDynamic).

Are you referring to: LocalDynamicMetadataProvider

Thanks,
Don

On 7/6/20 4:35 PM, Peter Schober wrote:
> * Lohr, Donald - lohrda <lohrda at jmu.edu> [2020-07-06 19:05]:
>> 1) Right/wrong/indifferent (likely wrong) our practice seems to have
>> always been when adding a new non-InCommom member's metadata is to
>> drop in the default /metadata folder and to edit the
>> /conf/metadata-providers.xml file
>> and add either configuration:
> And I think this was always communicated as the wrong approach, even
> though the software allows for it. Mainly because it doesn't scale
> well and reloading the whole metadata provider configuration is a more
> heavy-weight operation than reloading individual metadata providers
> (as in: one metadata provider with all your non-InC SPs in it) or even
> never reloading anything at all (as in: using localDynamic).
>
>> Somewhere I read, that the InCommon definition should come before or
>> or after everything else, but am not able to locate that again.
> https://urldefense.proofpoint.com/v2/url?u=https-3A__wiki.shibboleth.net_confluence_display_IDP30_MetadataConfiguration-23MetadataConfiguration-2DSearchOrderingSearchOrdering&d=DwICAg&c=eLbWYnpnzycBCgmb7vCI4uqNEB9RSjOdn_5nBEmmeq0&r=Pa2DB88IW_s2TyLfktHtWA&m=kPeA_tGRABa0tTaxZ6o2NcxN3oGBM-LjsH1k9KFs7YE&s=CaqUOiWlFjBoLxe7G3agEeWXabrdFYeGdXzByL2qG2A&e=
>
> Found via IDPv3 home -> Configuration -> Metadata -> "Search Ordering".
>
>> In a metadata-providers.xml file like I am describing, what kind of
>> order listing should be used to list federations and specific SPs?
> Depends on the desired effect and how much you trust your own metadata
> curation skills, I suppose.
>
> E.g. I put the MetadataProvider with locally managed SPs before the
> federation metadata, because I want to be able to potentially override
> what's in the federation metadata (for debugging purposes) and by
> removing my local copy the federation-managed copy takes over.
>
> -peter

-- 
D o n a l d   L o h r
I n f o r m a t i o n   S y s t e m s
J a m e s   M a d i s o n   U n i v e r s i t y
5 4 0 . 5 6 8 . 3 7 3 0

More information about the users mailing list