Matadata aggregator , federation named groupID for filters
Jehan PROCACCIA
jehan.procaccia at tem-tsp.eu
Wed Jun 16 16:05:50 UTC 2021
Hello,
I've been using for a long time this tool :
[ https://wiki.shibboleth.net/confluence/display/MA1 | https://wiki.shibboleth.net/confluence/display/MA1 ]
to aggregate metadatas in my federation (an old 0.7 version ...)
but I cannot find a way to tell it to "name" the aggregated metadata so that this name can be used ultimately as a groupID in attribute-filters as in
<PolicyRequirementRule xsi:type="InEntityGroup" groupID="https://federation.renater.fr/test/" />
is MA1 capable to name aggregate ?
I cannot find the option/parameter to set in aggregator-config.xml which would named the aggregated metadata ?
for now it generate this basic EntitiesDescriptor element without name and a random-like ID :
<md:EntitiesDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" ID="5cef7729-7db7-432f-b25a-c2707023470f" cacheDuration="P1DT0H0M0.000S" validUntil="2021-08-15T14:09:43.286Z">
Regarding aggregate name convention, I see in Incommon Metadata this named for example
ID="INC20210616T153332" Name="urn:mace:incommon" validUntil="2021-06-30T15:33:32Z"
and here in France (Renater) has
Name="https://federation.renater.fr/test/" ID="_20210616T150017Z" validUntil="2021-06-25T15:00:17Z" cacheDuration="PT1H"
does the name has to be a URL and / or a URN ?
Thanks .
jehan .
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://shibboleth.net/pipermail/users/attachments/20210616/99eee07f/attachment.htm>
More information about the users
mailing list