比較バージョン

キー

  • この行は追加されました。
  • この行は削除されました。
  • 書式設定が変更されました。

...

パネル
borderColor#cccccc
bgColor#eeeeee
borderStylesolid
    <!-- ========================================== -->
    <!--      Relying Party Configurations          -->
    <!-- ========================================== -->

    <rp:AnonymousRelyingParty provider="https://example-idp.nii.ac.jp/idp/shibboleth"
                           ↑ホスト名
                         defaultSigningCredentialRef="IdPCredential">
    <rp:DefaultRelyingParty provider="https://example-idp.nii.ac.jp/idp/shibboleth"
                           ↑ホスト名
                         defaultSigningCredentialRef="IdPCredential">

...

パネル
borderColor#cccccc
bgColor#eeeeee
borderStylesolid
    <!-- ========================================== -->
    <!--      Metadata Configuration                -->
    <!-- ========================================== -->
    <!-- MetadataProvider the combining other MetadataProviders -->
    <metadata:MetadataProvider id="ShibbolethMetadata" xsi:type="metadata:ChainingMetadataProvider">

        <!-- Load the IdP's own metadata.  This is necessary for artifact support. -->
        <!-- ←自動ダウンロードのメタデータを参照する為、コメントアウト
        <metadata:MetadataProvider id="IdPMD" xsi:type="metadata:ResourceBackedMetadataProvider">
            <metadata:MetadataResource xsi:type="resource:FilesystemResource" file="/opt/shibboleth-idp/metadata/idp-metadata.xml"/>
        </metadata:MetadataProvider>
        --> 
        <!-- Example metadata provider. -->
        <!-- Reads metadata from a URL and store a backup copy on the file system. -->
        <!-- Validates the signature of the metadata and filters out all by SP entities in order to save memory -->
        <!-- To use: fill in 'metadataURL' and 'backingFile' properties on MetadataResource element -->
        <!-- --> ←コメントアウト解除
<metadata:MetadataProvider id="URLMD" xsi:type="metadata:FileBackedHTTPMetadataProvider"                           metadataURL="https://metadata.gakunin.nii.ac.jp/gakunin-metadata.xml"                             ↑参照先ダウンロードメタデータのアドレス                           backingFile="/opt/shibboleth-idp/metadata/some-metadata.xml">                                    ↑メタデータは、このファイル名で保存             <metadata:MetadataFilter xsi:type="metadata:ChainingFilter">
                <metadata:MetadataFilter xsi:type="metadata:RequiredValidUntil"                                 maxValidityInterval="P15D" />                 <metadata:MetadataFilter xsi:type="metadata:SignatureValidation"                                 trustEngineRef="shibboleth.MetadataTrustEngine"                                 requireSignedMetadata="true" />                 <metadata:MetadataFilter xsi:type="metadata:EntityRoleWhiteList">                     <metadata:RetainedRole>samlmd:SPSSODescriptor</metadata:RetainedRole>                 </metadata:MetadataFilter>             </metadata:MetadataFilter>         </metadata:MetadataProvider>         <!-- -->←コメントアウト解除 </metadata:MetadataProvider>

...

パネル
borderColor#cccccc
bgColor#eeeeee
borderStylesolid
    <!-- ========================================== -->
    <!--     Security Configurations                -->
    <!-- ========================================== -->
    <security:Credential id="IdPCredential" xsi:type="security:X509Filesystem">
        <security:PrivateKey>/opt/shibboleth-idp/credentials/idp.key</security:PrivateKey>
        <security:Certificate>/opt/shibboleth-idp/credentials/idp.crt</security:Certificate>
    </security:Credential>

    <!-- Trust engine used to evaluate the signature on loaded metadata. -->
    <!-- --> ←コメントアウト解除
    <security:TrustEngine id="shibboleth.MetadataTrustEngine" xsi:type="security:StaticExplicitKeySignature">
        <security:Credential id="MyFederation1Credentials" xsi:type="security:X509Filesystem">
            <security:Certificate>/opt/shibboleth-idp/credentials/gakunin-signer-2010.cer</security:Certificate>
        </security:Credential>
    </security:TrustEngine>
    <!-- --> ←コメントアウト解除 

...