Matadata aggregator , federation named groupID for filters

Ian Young ian at
Fri Jun 18 07:32:42 UTC 2021

> On 2021-06-17, at 21:49, Jehan PROCACCIA <jehan.procaccia at> wrote:
> Indeed MA 0.7 is quite old, so I followed your advice and upgradred to latest 0.9.2 
> before going to my initial goal (descriptorName property  as you mentioned) 

That's great.

> I want to be able to aggregate and sign my federation Metadata (IDPs and SPs) 
> I am afraid that my old MA aggregate-config.xml file is not compatible with 0.9.2 

> So I took the sample
> and tried to adapt it to my purpose .

Yes, there are a number of incompatibilities (the API will be finalised, I hope, in 0.10.0 but certainly in 1.0.0). The release notes cover these, but starting fresh can make sense too. It's a pity I don't have an example a bit closer to what you're doing. "Aggregate and Republish" is worth looking at, though (see below).

> the main difference here is that I don't want to parse and sign a single MD file but aggregate a complete directory of IDPs and SPs MD files
> So I took <bean id="metadataDirectory" from my old 0.7 config in place , but call to it (source-ref="metadataDirectory") from <bean id="source" class="net.shibboleth.metadata.dom.DomFilesystemSourceStage" fails on this error : 
> [aggregator-cli]# ./ ../config-imt.xml main 
> ERROR - Unable to initialize Spring context
> org.springframework.beans.factory.xml.XmlBeanDefinitionStoreException: Line 14 in XML document from URL [file:/root/aggregator-cli-0.9.2/../config-imt.xml] is invalid; nested exception is org.xml.sax.SAXParseException; lineNumber: 14; columnNumber: 141; cvc-complex-type.3.2.2 : L'attribut 'source-ref' n'est pas autorisé dans l'élément 'bean'.
> indeed attribute "source-ref" is a patch from my old config to the sample one I took . 
> here is my what I did : 
> <!-- My ADD :  Configuration Options for the metadata aggregation process -->
>    <bean id="metadataDirectory" class="">
>        <constructor-arg value="/root/xml/fede-imt-metadata-git/"/>
>    </bean>
>    <!-- First, we define the stages for our pipeline -->
>    <!-- My COMMENT from initial sample  <bean id="source" class="net.shibboleth.metadata.dom.DOMFilesystemSourceStage"> -->
>            <!-- MY ADD  the following line -->
>        <bean id="source" class="net.shibboleth.metadata.dom.DomFilesystemSourceStage" source-ref="metadataDirectory" parserPool-ref="parserPool"/>

The issue here is that in order to set properties on a bean as XML attributes rather than nested <property> elements you need to use the "p:" namespace. Unfortunately that particular example doesn't define it, although one of the other examples (Aggregate and Republish) does. So, from Aggregate and Republish:

<beans default-init-method="initialize"
       xmlns=" <>" xmlns:p=" <>"
       xmlns:util=" <>" xmlns:xsi=" <>"
       xsi:schemaLocation=" <> <>
                  <> <>">


    <bean id="readLocalMetadata" class="net.shibboleth.metadata.dom.DOMFilesystemSourceStage"
        p:id="readLocalMetadata" p:parserPool-ref="parserPool" p:source-ref="localMetadataDirectory"/>

Attributes which are part of Spring XML configuration are given without a namespace, XML attributes setting bean properties are part of the "p:" namespace. This means that the names can't clash.

Hope this helps,

	-- Ian

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 3883 bytes
Desc: not available
URL: <>

More information about the users mailing list