Import shibboleth ds 1.1.0v1.1.0upstreamds.swamid.se

1 files changed, 159 insertions, 0 deletions

diff --git a/src/installer/resources/wayfconfig.xml b/src/installer/resources/wayfconfig.xml
new file mode 100644
index 0000000..1cd22d7
--- /dev/null
+++ b/src/installer/resources/wayfconfig.xml
@@ -0,0 +1,159 @@
+<?xml version="1.0"?>
+<WayfConfig 
+        xmlns="urn:mace:shibboleth:wayf:config:1.0" 
+        xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" >
+
+<!-- The default behaviour of Service is controlled via the elements
+     and attributes below.  Non default behaviour is achieved by
+     specifying any or all of these in the specific
+     DiscoveryServiceHandler element.
+
+     The handleCookie, cacheDomain and cacheExpiration attributes are
+     no longer used.  Use the cookie plugin to configure the handling
+     of the SAML cookie.
+
+     The cacheExpiration attribute sets the expiration time of the
+     cookie (if the 'Remember for a week' selection is made).
+
+     The jspFile & errorJspFile attributes control the display
+
+     The provideList attribute controls whether a single list of all
+     possible IdPs is presented.  The default wayf.jsp works best
+     if this is true when provideListofList is true.
+     
+     The provideListOfList attribute controls whether multiple lists
+     are presented (one for each MetadataProvider).
+
+     The showUsableIdPs attribute controls the contents of the above
+     lists.  The single list (provideList=true) is trimmed by
+     excluding IdPs which do not share a metadata file with the SP.
+     The multiple lists (provideListOfList=true) is trimmed by
+     excluding all lists which do not specify the SP.
+     
+     The SearchIgnore element contains a list of words to be ignored while
+     performing a search.
+     
+     warnOnBadBinding describes what to do iof the metadata has a badly 
+     formed <DiscoveryResponse> false (or not present) means that the bad 
+     SP is removed from the metadata and an error written to the log file.
+     True means that we just noter this in the log file.
+     THIS SETTING IS SYSTEM WIDE ONLY.
+-->
+
+        <Default 
+            jspFile="wayf.jsp"
+            errorJspFile="wayferror.jsp"
+            provideList="false"
+            provideListOfList="true"
+            warnOnBadBinding="false"
+            showUnusableIdPs="false">
+            <SearchIgnore>
+                <IgnoreText>Institution</IgnoreText>
+                <IgnoreText>University</IgnoreText>
+                <IgnoreText>State </IgnoreText>
+                <IgnoreText>School</IgnoreText>
+            </SearchIgnore>
+        </Default>
+        
+<!-- The MetadataProvider is in a similar syntax to that used to
+     configure an IdP.  This means that plugins for the IdP can be
+     used interchangably between the IdP and WAYF.
+
+     The identifier element is used to uniquely distinguish the
+     metadata in a Federation element below
+     
+     If an HTTP URL is provided for the name, a backingFile has to be provided.
+     This is where the file will be spooled to locally.  This spooled file will
+     be used if the DS cannot get hold of the 'real' data.
+     
+     NOTE - for windows installation with an explicit DOS device ("C:\etc\discoveryservice")
+     The url below should be "file://C:\program files/metadata/sites.xml
+     
+      -->
+
+        <MetadataProvider 
+                displayName="Federation Name"
+                identifier="FirstSite"
+                url="file://$DS_HOME$/metadata/sites.xml"/>
+
+<!-- If the WAYF is to handle data from more than one metadata source
+     then more metadataproviders can be provided, as below
+        
+       <MetadataProvider 
+                displayName="Another Name Here"
+                identifier="SecondSite"
+                backingFile="$DS_HOME$/metadata/ukfed_store.xml"
+                url="http://metadata.ukfederation.org.uk/ukfederation-metadata.xml"/>
+-->
+
+<!-- Plugins are extensible, the identifier is required, as is the
+     type, the rest is for the plugin to define -->
+
+
+     <!-- The Cookie Plugin is part of the standard distribution it interrogates and sets the _saml_idp
+          cookie.  According to parameterization it can just delete the cookie -->
+     <Plugin
+        identifier="CookiePlugin"
+        type="edu.internet2.middleware.shibboleth.wayf.plugins.provider.SamlCookiePlugin"
+        alwaysFollow = "FALSE"
+        deleteCookie = "FALSE"
+	cacheExpiration = "604800"/> 
+
+     <Plugin
+        identifier="DeleteCookiePlugin"
+        type="edu.internet2.middleware.shibboleth.wayf.plugins.provider.SamlCookiePlugin"
+        alwaysFollow = "FALSE"
+        deleteCookie = "TRUE"
+        cacheExpiration = "604800"/> 
+
+	<!-- Other plugins are declared similarly 
+     <Plugin
+                 identifier="AddressHint"
+                 type="uk.ac.sdss.IdPIPLookup"
+                 />  
+     -->
+
+
+<!-- Every handler has to be declared with a DiscoverServiceHandler
+     element.  As well as the attributes and elements described above,
+     each DiscoveryServiceHandler *MUST* have a location attribute.
+     
+     The default wayf.xml specifies that "/WAYF", "/DS" and "/*.wayf" 
+     are the possibilities for DiscoveryServices.  If a URL matches the above,
+     but does not match any location in a DiscoveryServiceHandler,
+     then the first handler for which the default attribute is set
+     true is invoked.
+     
+     The web.xml built into into the war file should not be changed
+     unless you have to change the end points that it uses.
+      -->
+
+
+    <DiscoveryServiceHandler
+        location=".+/WAYF" 
+        default="true">
+        <PluginInstance identifier="CookiePlugin"/>
+        <!--
+            <PluginInstance identifier="AddressHint"/> -->
+    </DiscoveryServiceHandler>
+   
+ <!-- The ClearCache handler causes the cookie to be deleted.  The jsp shipped
+     with the WAYF refers to this handler -->
+        
+    <DiscoveryServiceHandler
+        location=".+/ClearCache.wayf">
+        <PluginInstance identifier="DeleteCookiePlugin"/>
+    </DiscoveryServiceHandler>  
+
+<!-- Example of how to constrain a DiscoveryService to one (or more)
+     explicit metadata sources.  (The default is to use all metadata
+     sources)
+
+ <DiscoveryServiceHandler location=".+/SecondOnly.wayf" >
+
+        <Federation identifier="SecondSite"/>
+        <PluginInstance identifier="CookiePlugin"/>
+    </DiscoveryServiceHandler>  
+-->
+
+</WayfConfig>