Date: Fri, 29 Mar 2024 18:11:59 +0900 (JST) Message-ID: <1634637661.2035.1711703519658@meatwiki.nii.ac.jp> Subject: Exported From Confluence MIME-Version: 1.0 Content-Type: multipart/related; boundary="----=_Part_2034_637304122.1711703519658" ------=_Part_2034_637304122.1711703519658 Content-Type: text/html; charset=UTF-8 Content-Transfer-Encoding: quoted-printable Content-Location: file:///C:/exported.html
=E5=AD=A6=E8=AA=8D=E3=83=A1=E3=82=BF=E3=83=87=E3=83=BC=E3=82=BF=E3=
=81=AE=E8=AA=AD=E3=81=BF=E8=BE=BC=E3=81=BF=E3=81=AFconf/metada=
ta-providers.xml
=E3=81=A7=E8=A8=AD=E5=AE=9A=E3=81=97=E3=81=BE=
=E3=81=99=E3=80=82
conf/metadata-providers.xml
<= !-- --> <MetadataProvider id=3D"HTTPMetadata" xsi:type=3D"FileBackedHTTPMetadataProvider" backingFile=3D"%{idp.home}/metadata/gakunin-metadata-= backing.xml" metadataURL=3D"https://metadata.gakunin.nii.ac.jp/gak= unin-metadata.xml"> <MetadataFilter xsi:type=3D"SignatureValidation" requireSignedRo= ot=3D"true" certificateFile=3D"%{idp.home}/credentials/gakunin-= signer-2010.cer"/> <MetadataFilter xsi:type=3D"RequiredValidUntil" maxValidityInter= val=3D"P15D"/> <MetadataFilter xsi:type=3D"EntityRoleWhiteList"> <RetainedRole>md:SPSSODescriptor</RetainedRole> </MetadataFilter> </MetadataProvider> <!-- -->
- &l= t;!-- + <!-- --> <MetadataProvider id=3D"HTTPMetadata" xsi:type=3D"FileBackedHTTPMetadataProvider" - backingFile=3D"%{idp.home}/metadata/localCopyFromXYZ= HTTP.xml" - metadataURL=3D"http://WHATEVER"> + backingFile=3D"%{idp.home}/metadata/gakunin-metadata= -backing.xml" + metadataURL=3D"https://metadata.gakunin.nii.ac.jp/ga= kunin-metadata.xml"> - <MetadataFilter xsi:type=3D"SignatureValidation" requireSignedR= oot=3D"true"> - <PublicKey> - MIIBI..... - </PublicKey> - </MetadataFilter> - <MetadataFilter xsi:type=3D"RequiredValidUntil" maxValidityInte= rval=3D"P30D"/> + <MetadataFilter xsi:type=3D"SignatureValidation" requireSignedR= oot=3D"true" + certificateFile=3D"%{idp.home}/credentials/gakunin= -signer-2010.cer"/> + <MetadataFilter xsi:type=3D"RequiredValidUntil" maxValidityInte= rval=3D"P15D"/> <MetadataFilter xsi:type=3D"EntityRoleWhiteList"> <RetainedRole>md:SPSSODescriptor</RetainedRole> </MetadataFilter> </MetadataProvider> - --> + <!-- -->
Shibboleth IdP 3.2=E3=81=8B=E3=82=89SignatureValidationFilter=E3=81=AEre= quireSignedMetadata=E3=81=8CrequireSignedRoot=E3=81=AB=E5=A4=89=E6=9B=B4=E3= =81=A8=E3=81=AA=E3=82=8A=E3=81=BE=E3=81=97=E3=81=9F=E3=80=82requireSignedMe= tadata=E3=81=AE=E5=A0=B4=E5=90=88=E3=80=81=E4=B8=8B=E8=A8=98=E3=81=AEwarnin= g=E3=83=A1=E3=83=83=E3=82=BB=E3=83=BC=E3=82=B8=E3=81=8C=E8=A1=A8=E7=A4=BA= =E3=81=95=E3=82=8C=E3=81=BE=E3=81=99=E3=80=82
2015-12-18 18:33:35,232 - WARN [net.shibboleth.idp.profile.spring.rely= ingparty.metadata.filter.impl.SignatureValidationParser:128] - file [/opt/s= hibboleth-idp/conf/metadata-providers.xml] Use of the attribute 'requireSig= nedMetadata' is deprecated, use 'requireSignedRoot' instead
=E5=AD=A6=E8=AA=8D=E3=83=A1=E3=82=BF=E3=83=87=E3=83=BC=E3=82=BF=E3=81=AE=
=E8=AA=AD=E3=81=BF=E8=BE=BC=E3=81=BF=E3=81=AFconf/metadata-providers.=
xml
=E3=81=A7=E8=A8=AD=E5=AE=9A=E3=81=97=E3=81=BE=E3=81=99=E3=80=82=
p>
conf/metadata-providers.xml
<Meta= dataProvider id=3D"HTTPMetadata" xsi:type=3D"FileBackedHTTPMetadataProvider" backingFile=3D"%{idp.home}/metadata/gakunin-metadata-back= ing.xml" metadataURL=3D"https://metadata.gakunin.nii.ac.jp/gakunin= -metadata.xml"> <MetadataFilter xsi:type=3D"RequiredValidUntil" maxValidityInterval= =3D"P15D" /> <MetadataFilter xsi:type=3D"SignatureValidation" requireSignedMetadata=3D"true" certificateFile=3D"%{idp.home}/credentials/gakunin-sign= er-2010.cer"/> <MetadataFilter xsi:type=3D"EntityRoleWhiteList"> <RetainedRole>md:SPSSODescriptor</RetainedRole> </MetadataFilter> </MetadataProvider>
=E3=83=AD=E3=83=BC=E3=82=AB=E3=83=ABSP=E3=81=AE=E3=83=A1=E3=82=BF=
=E3=83=87=E3=83=BC=E3=82=BF=E3=81=AFmetadata
=E4=BB=A5=E4=B8=8B=
=E3=81=AB=E9=85=8D=E7=BD=AE=E3=81=97=E3=81=A6=E3=80=81conf/met=
adata-providers.xml
=E3=81=A7=E8=A8=AD=E5=AE=9A=E3=81=97=E3=81=
=BE=E3=81=99=E3=80=82
conf/metadata-providers.xml
SP1=E3=81=AE=E3=83=A1=E3=82=BF=E3=83=87=E3=83=BC=E3=82=BF sp1-metadat=
a.xml
=E3=81=A8SP2=E3=81=AE=E3=83=A1=E3=82=BF=E3=83=87=E3=83=BC=E3=82=
=BF sp2-metadata.xml
=E3=82=92metadata
=E4=BB=A5=E4=
=B8=8B=E3=81=AB=E9=85=8D=E7=BD=AE=E3=81=97=E3=81=A6=E3=80=81conf/meta=
data-providers.xml
=E3=81=A7=E3=81=9D=E3=82=8C=E3=81=9E=E3=82=8C=E3=
=81=AE=E3=83=A1=E3=82=BF=E3=83=87=E3=83=BC=E3=82=BF=E3=82=92=E8=AA=AD=E3=81=
=BF=E8=BE=BC=E3=82=80=E8=A8=AD=E5=AE=9A=E4=BE=8B=E3=82=92=E4=BB=A5=E4=B8=8B=
=E3=81=AB=E7=A4=BA=E3=81=97=E3=81=BE=E3=81=99=E3=80=82
= <!-- Example file metadata provider. Use this if you want to load metadata from a local file. You might use this if you have some local SPs which are not "federated" but you wish to offer a service to. If you do not provide a SignatureValidation filter, then you have the r= esponsibility to ensure that the contents are trustworthy. --> <!-- <MetadataProvider id=3D"LocalMetadata" xsi:type=3D"FilesystemMetada= taProvider" metadataFile=3D"PATH_TO_YOUR_METADATA"/> --> <MetadataProvider id=3D"LocalMetadataForSP1" xsi:type=3D"Filesystem= MetadataProvider" metadataFile=3D"%{idp.home}/metadata/sp1-metadata.xml"/&g= t; <MetadataProvider id=3D"LocalMetadataForSP2" xsi:type=3D"Filesystem= MetadataProvider" metadataFile=3D"%{idp.home}/metadata/sp2-metadata.xml"/&g= t;
&= nbsp; <!-- Example file metadata provider. Use this if you want to load met= adata from a local file. You might use this if you have some local SPs which are not "federated" but you wish to offer a service to. If you do not provide a SignatureValidation filter, then you have= the responsibility to ensure that the contents are trustworthy. --> <!-- <MetadataProvider id=3D"LocalMetadata" xsi:type=3D"Filesystem= MetadataProvider" metadataFile=3D"PATH_TO_YOUR_METADATA"/> --> + <MetadataProvider id=3D"LocalMetadataForExampleSP1" xsi:type=3D"Fi= lesystemMetadataProvider" metadataFile=3D"%{idp.home}/metadata/examplesp1-m= etadata.xml"/> + <MetadataProvider id=3D"LocalMetadataForExampleSP2" xsi:type=3D"Fi= lesystemMetadataProvider" metadataFile=3D"%{idp.home}/metadata/examplesp2-m= etadata.xml"/>
=E5=8F=82=E8=80=83: =E5=AD=A6=E5=86=85=E3=82=B7=E3=82=B9=E3=83=86=E3=83=A0=E3=81=A8=E3=81= =97=E3=81=A6=E6=A7=8B=E7=AF=89=E3=81=99=E3=82=8B=E5=A0=B4=E5=90=88=E3=81=AE= =E8=A8=AD=E5=AE=9A