

...


    <!--

==========================================

-->


    <!--

Relying Party Configurations -->

      Relying Party Configurations          -->
    <!--

==========================================

-->



    <rp:AnonymousRelyingParty

provider="https://idp.example.asia/idp/shibboleth"

                         


                                                IdP

Hostname 

Hostname
                         defaultSigningCredentialRef="IdPCredential">


   

<rp:DefaultRelyingParty

provider="https://idp.example.asia/idp/shibboleth"

                         


                                              IdP

Hostname

Hostname
                         defaultSigningCredentialRef="IdPCredential">


Metadata Load Setting

Edit /opt/shibboleth-idp/conf/relying-party.xml

...


    <!--

==========================================

-->


    <!--

Metadata

Configuration

-->


    <!--

==========================================

-->
<snip>
       

<!--

Example

metadata

provider.

-->
       

<!--

Reads

metadata

from

a

URL

and

store

a

backup

copy

on

the

file

system.

-->
       

<!--

Validates

the

signature

of

the

metadata

and

filters

out

all

by

SP

entities

in

order

to

save

memory

-->
       

<!--

To

use:

fill

in

'metadataURL'

and

'backingFile'

properties

on

MetadataResource

element

-->
       

<!--

-->

←Add

comment

end
       

<metadata:MetadataProvider

id="URLMD"

xsi:type="metadata:FileBackedHTTPMetadataProvider"
                         

metadataURL="http://sp.example.asia/metadata/sp-metadata.xml"

                       ↑URL of SP

                                              ↑URL of SP metadata
                         

backingFile="/opt/shibboleth-idp/metadata/sp-example-asia-metadata.xml">

                                  ↑backup file name of SP

                                                                    ↑backup file name of SP metadata
      <!--

Add

comment

start
           

<metadata:MetadataFilter

xsi:type="metadata:ChainingFilter">
               

<metadata:MetadataFilter

xsi:type="metadata:RequiredValidUntil"
                               

maxValidityInterval="P7D"

/>
               

<metadata:MetadataFilter

xsi:type="metadata:SignatureValidation"
                               

trustEngineRef="shibboleth.MetadataTrustEngine"
                               

requireSignedMetadata="true"

/>
               

<metadata:MetadataFilter

xsi:type="metadata:EntityRoleWhiteList">
                   

<metadata:RetainedRole>samlmd:SPSSODescriptor</metadata:RetainedRole>
               

</metadata:MetadataFilter>
           

</metadata:MetadataFilter>
      -->

←Add

comment

end
       

</metadata:MetadataProvider>
       

<!--

-->

Add

comment

start
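Review bot: With the filter chain wrapped in the added `<!-- ... -->` (the lines marked "Add comment start" / "Add comment end"), the `metadata:SignatureValidation` and `metadata:RequiredValidUntil` filters are disabled while `metadataURL` still points at a plain `http://` address, so the IdP would accept whatever SP metadata arrives over the network with no integrity or freshness check. Metadata determines which endpoints and keys the IdP trusts for that SP, so it should be authenticated: keep `requireSignedMetadata="true"` active with the SP's signing certificate configured in `shibboleth.MetadataTrustEngine`. If the SP cannot sign its metadata, at least fetch it with `metadataURL="https://sp.example.asia/metadata/sp-metadata.xml"`, or copy the file over a trusted channel and load it from disk. The trust engine definition and the part behind `<snip>` are not visible here, so whether a signing key is already configured cannot be confirmed from this page.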

 

If the metadata directory owner is not yet modified, please operate following command.

...