Diffstat (limited to 'src/installer/resources/wayfconfig.xml')
-rwxr-xr-x[-rw-r--r--]src/installer/resources/wayfconfig.xml90
1 files changed, 50 insertions, 40 deletions
diff --git a/src/installer/resources/wayfconfig.xml b/src/installer/resources/wayfconfig.xml
index 1cd22d7..664cd0d 100644..100755
--- a/src/installer/resources/wayfconfig.xml
+++ b/src/installer/resources/wayfconfig.xml
@@ -1,7 +1,5 @@
-<?xml version="1.0"?>
-<WayfConfig
- xmlns="urn:mace:shibboleth:wayf:config:1.0"
- xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" >
+<?xml version="1.0" encoding="UTF-8"?>
+<WayfConfig xmlns="urn:mace:shibboleth:wayf:config:1.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
<!-- The default behaviour of Service is controlled via the elements
and attributes below. Non default behaviour is achieved by
@@ -18,11 +16,12 @@
The jspFile & errorJspFile attributes control the display
The provideList attribute controls whether a single list of all
- possible IdPs is presented. The default wayf.jsp works best
- if this is true when provideListofList is true.
+ possible IdPs is presented. This also controls whether the
+ Quick search dialog is presented.
The provideListOfList attribute controls whether multiple lists
- are presented (one for each MetadataProvider).
+ are presented (one for each MetadataProvider). Rather than all
+ the entities as one.
The showUsableIdPs attribute controls the contents of the above
lists. The single list (provideList=true) is trimmed by
@@ -32,21 +31,20 @@
The SearchIgnore element contains a list of words to be ignored while
performing a search.
-
+
+ warnOnNoSAML2 causes the DS to issue a warning when it receives a
+ DS protocol message from an SP which is declared to not support
+ SAML2 in its metadata. The JIRA case
+ https://issues.shibboleth.net/jira/browse/SDSJ-91 has more details.
+
warnOnBadBinding describes what to do iof the metadata has a badly
formed <DiscoveryResponse> false (or not present) means that the bad
SP is removed from the metadata and an error written to the log file.
- True means that we just noter this in the log file.
+ True means that we just note this in the log file.
THIS SETTING IS SYSTEM WIDE ONLY.
-->
- <Default
- jspFile="wayf.jsp"
- errorJspFile="wayferror.jsp"
- provideList="false"
- provideListOfList="true"
- warnOnBadBinding="false"
- showUnusableIdPs="false">
+ <Default jspFile="wayf.jsp" errorJspFile="wayferror.jsp" provideList="true" provideListOfList="false" warnOnBadBinding="false" warnOnNoSAML2="false" showUnusableIdPs="false">
<SearchIgnore>
<IgnoreText>Institution</IgnoreText>
<IgnoreText>University</IgnoreText>
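Review bot: The new warnOnNoSAML2 paragraph does not say what either value does, although the `<Default>` line ships `warnOnNoSAML2="false"`; a reader has to follow the JIRA link to learn how a request from an SP without declared SAML2 support is handled under that default. I would add a sentence in the same form as the warnOnBadBinding text (what false or an absent attribute means, what true means, and whether the setting is system wide only), with the behaviour confirmed against the code. Separately, folding the `<Default>` attributes onto one line hides that `provideList` and `provideListOfList` were both flipped in this change; keeping one attribute per line makes later changes to these defaults visible in a diff. The `<Default>` element continues past the end of the hunk.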
@@ -69,14 +67,11 @@
NOTE - for windows installation with an explicit DOS device ("C:\etc\discoveryservice")
The url below should be "file://C:\program files/metadata/sites.xml
- -->
+-->
- <MetadataProvider
- displayName="Federation Name"
- identifier="FirstSite"
- url="file://$DS_HOME$/metadata/sites.xml"/>
+ <MetadataProvider displayName="Federation Name" identifier="FirstSite" url="file://$DS_HOME$/metadata/sites.xml"/>
-<!-- If the WAYF is to handle data from more than one metadata source
+<!-- If the DS is to handle data from more than one metadata source
then more metadataproviders can be provided, as below
<MetadataProvider
@@ -84,27 +79,45 @@
identifier="SecondSite"
backingFile="$DS_HOME$/metadata/ukfed_store.xml"
url="http://metadata.ukfederation.org.uk/ukfederation-metadata.xml"/>
+
+ White and black list providers are defined as filters inside a provider:
+
+ <MetadataProvider
+
+ displayName="WhiteListed Metadata"
+ identifier="White"
+ type="edu.internet2.middleware.shibboleth.metadata.provider.XMLMetadata"
+ backingFile="$DS_HOME$/metadata/whitelist_store.xml"
+ url="http://metadata.ukfederation.org.uk/ukfederation-test.xml">
+
+ <Filter identifier="false"
+ type="edu.internet2.middleware.shibboleth.wayf.plugins.provider.ListFilter"
+ excludeEntries="true">
+ <EntityId>https://idp.edina.ac.uk/shibboleth</EntityId>
+ <EntityId>https://dlib-adidp.ucs.ed.ac.uk/shibboleth</EntityId>
+ <EntityId>https://idp.edina.ac.uk/shibboleth-devel</EntityId>
+ <EntityId>https://idp.edina.ac.uk/shibboleth-devel-13</EntityId>
+ </Filter>
+ </MetadataProvider>
+
+ NOTE that the resulting metadata has to include any SP which may need service from
+ this DS.
+
+ For a black list, set excludeEntries="true" (the listed Entities will be excluded), for
+ a while list, set it to "false" (the listed entries will be included).
+
-->
+
<!-- Plugins are extensible, the identifier is required, as is the
type, the rest is for the plugin to define -->
<!-- The Cookie Plugin is part of the standard distribution it interrogates and sets the _saml_idp
cookie. According to parameterization it can just delete the cookie -->
- <Plugin
- identifier="CookiePlugin"
- type="edu.internet2.middleware.shibboleth.wayf.plugins.provider.SamlCookiePlugin"
- alwaysFollow = "FALSE"
- deleteCookie = "FALSE"
- cacheExpiration = "604800"/>
+ <Plugin identifier="CookiePlugin" type="edu.internet2.middleware.shibboleth.wayf.plugins.provider.SamlCookiePlugin" alwaysFollow="FALSE" deleteCookie="FALSE" cacheExpiration="604800"/>
- <Plugin
- identifier="DeleteCookiePlugin"
- type="edu.internet2.middleware.shibboleth.wayf.plugins.provider.SamlCookiePlugin"
- alwaysFollow = "FALSE"
- deleteCookie = "TRUE"
- cacheExpiration = "604800"/>
+ <Plugin identifier="DeleteCookiePlugin" type="edu.internet2.middleware.shibboleth.wayf.plugins.provider.SamlCookiePlugin" alwaysFollow="FALSE" deleteCookie="TRUE" cacheExpiration="604800"/>
<!-- Other plugins are declared similarly
<Plugin
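Review bot: The added filter example contradicts the explanation beneath it: the provider is labelled `displayName="WhiteListed Metadata"` and `identifier="White"`, but the filter carries `excludeEntries="true"`, which the note further down defines as a black list. An administrator who copies the sample expecting to restrict the DS to the four listed IdPs would instead get every entity except those four. For a white-list sample the line should read `excludeEntries="false">`; `<Filter identifier="false"` also looks like a paste slip for a real identifier, and "a while list" should be "a white list". The sample `url` is plain `http://`, and since this metadata decides which IdPs users are offered, a sentence on fetching it over https or verifying its signature (if the DS supports that) would help readers who copy the example. The comment block this text sits in starts before the hunk.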
@@ -129,19 +142,16 @@
-->
- <DiscoveryServiceHandler
- location=".+/WAYF"
- default="true">
+ <DiscoveryServiceHandler location=".+/WAYF" default="true">
<PluginInstance identifier="CookiePlugin"/>
<!--
<PluginInstance identifier="AddressHint"/> -->
</DiscoveryServiceHandler>
<!-- The ClearCache handler causes the cookie to be deleted. The jsp shipped
- with the WAYF refers to this handler -->
+ with the DS refers to this handler -->
- <DiscoveryServiceHandler
- location=".+/ClearCache.wayf">
+ <DiscoveryServiceHandler location=".+/ClearCache.wayf">
<PluginInstance identifier="DeleteCookiePlugin"/>
</DiscoveryServiceHandler>