diff options
Diffstat (limited to 'src/installer')
| -rwxr-xr-x | src/installer/resources/install.properties | 2 | ||||
| -rwxr-xr-x | src/installer/resources/logging.xml | 6 | ||||
| -rwxr-xr-x | src/installer/resources/wayfconfig.xml | 90 |
3 files changed, 71 insertions, 27 deletions
diff --git a/src/installer/resources/install.properties b/src/installer/resources/install.properties index 4b9d0de..28cbcf0 100755 --- a/src/installer/resources/install.properties +++ b/src/installer/resources/install.properties @@ -1 +1 @@ -ds.home = /opt/shibboleth-ds
\ No newline at end of file +ds.home = /opt/shibboleth-ds diff --git a/src/installer/resources/logging.xml b/src/installer/resources/logging.xml index eff4799..0a5c91f 100755 --- a/src/installer/resources/logging.xml +++ b/src/installer/resources/logging.xml @@ -8,7 +8,7 @@ <File>$DS_HOME$/logs/discoveryService.log</File> <rollingPolicy class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy"> - <FileNamePattern>$DS_HOME$/logs/discovery-%d{yyyy-MM-dd}.log</FileNamePattern> + <FileNamePattern>$DS_HOME$/etc/DiscoveryService/logs/discovery-%d{yyyy-MM-dd}.log</FileNamePattern> </rollingPolicy> <encoder class="ch.qos.logback.classic.encoder.PatternLayoutEncoder"> @@ -29,13 +29,13 @@ Levels: ALL, ERROR, WARN, INFO, DEBUG, OFF --> - <!-- Logs DS, but not OpenSAML, messages --> + <!-- Logs IdP, but not OpenSAML, messages --> <logger name="edu.internet2.middleware.shibboleth"> <level value="WARN"/> <!-- Appender, DS_LOG, is inherited from the root logger --> </logger> - <!-- Logs OpenSAML, but not DS, messages --> + <!-- Logs OpenSAML, but not IdP, messages --> <logger name="org.opensaml"> <level value="INFO"/> <!-- Appender, DS_LOG, is inherited from the root logger --> diff --git a/src/installer/resources/wayfconfig.xml b/src/installer/resources/wayfconfig.xml index 664cd0d..e0d8b36 100755 --- a/src/installer/resources/wayfconfig.xml +++ b/src/installer/resources/wayfconfig.xml @@ -31,7 +31,18 @@ The SearchIgnore element contains a list of words to be ignored while performing a search. +--> + + <Default + jspFile="wayf.jsp" + errorJspFile="wayferror.jsp" + provideList="false" + warnOnBadBinding="false" + warnOnNoSAML2="false" + provideListOfList="true" + showUnusableIdPs="true"> +<!-- warnOnNoSAML2 causes the DS to issue a warning when it receives a DS protocol message from an SP which is declared to not support SAML2 in its metadata. The JIRA case @@ -44,7 +55,6 @@ THIS SETTING IS SYSTEM WIDE ONLY. --> - <Default jspFile="wayf.jsp" errorJspFile="wayferror.jsp" provideList="true" provideListOfList="false" warnOnBadBinding="false" warnOnNoSAML2="false" showUnusableIdPs="false"> <SearchIgnore> <IgnoreText>Institution</IgnoreText> <IgnoreText>University</IgnoreText> @@ -65,11 +75,21 @@ be used if the DS cannot get hold of the 'real' data. NOTE - for windows installation with an explicit DOS device ("C:\etc\discoveryservice") - The url below should be "file://C:\program files/metadata/sites.xml + The url below should be "file:///$DS_HOME$/metadata/sites.xml --> - <MetadataProvider displayName="Federation Name" identifier="FirstSite" url="file://$DS_HOME$/metadata/sites.xml"/> + <MetadataProvider displayName="SWAMID" identifier="SWAMID" + url="http://md.swamid.se/md/swamid-no-interfederation-combined.xml" + backingFile="/opt/shibboleth-ds/metadata/swamid-no-interfederation-combined.xml"/> + + <!-- MetadataProvider displayName="UK Federation" identifier="UKFED" + backingFile="/opt/shibboleth-ds/metadata/ukfederation-metadata.xml" + url="http://metadata.ukfederation.org.uk/ukfederation-metadata.xml"/ --> + + <MetadataProvider displayName="Kalmar2" identifier="Kalmar2" + backingFile="/opt/shibboleth-ds/metadata/kalmarcentral2.xml" + url="http://kalmar2.org/simplesaml/module.php/aggregator/?id=kalmarcentral2&set=saml2&exclude=sweden&mimetype=application/xml"/> <!-- If the DS is to handle data from more than one metadata source then more metadataproviders can be provided, as below @@ -131,8 +151,8 @@ element. As well as the attributes and elements described above, each DiscoveryServiceHandler *MUST* have a location attribute. - The default wayf.xml specifies that "/WAYF", "/DS" and "/*.wayf" - are the possibilities for DiscoveryServices. If a URL matches the above, + The default wayf.xml specifies that "/WAYF" and "/*.wayf" are the + possibilities for DiscoveryServices. If a URL matches the above, but does not match any location in a DiscoveryServiceHandler, then the first handler for which the default attribute is set true is invoked. @@ -142,28 +162,52 @@ --> - <DiscoveryServiceHandler location=".+/WAYF" default="true"> +<!-- The Javascript handler downloads javascript arrays with the IdPs and the cookies --> + <DiscoveryServiceHandler + location=".+/js.wayf" + provideList="true" + provideListOfList="false" + default="false" + jspFile="/javascript.jsp"> <PluginInstance identifier="CookiePlugin"/> - <!-- - <PluginInstance identifier="AddressHint"/> --> </DiscoveryServiceHandler> - - <!-- The ClearCache handler causes the cookie to be deleted. The jsp shipped - with the DS refers to this handler --> - - <DiscoveryServiceHandler location=".+/ClearCache.wayf"> - <PluginInstance identifier="DeleteCookiePlugin"/> - </DiscoveryServiceHandler> -<!-- Example of how to constrain a DiscoveryService to one (or more) - explicit metadata sources. (The default is to use all metadata - sources) + <DiscoveryServiceHandler location="https://ds.swamid.se(:[0-9]+)?/.+/ClearCache.wayf" jspFile="wayf-swamid.jsp" errorJspFile="wayferror-swamid.jsp"> + <PluginInstance identifier="DeleteCookiePlugin"/> + <Federation identifier="SWAMID"/> + </DiscoveryServiceHandler> - <DiscoveryServiceHandler location=".+/SecondOnly.wayf" > + <DiscoveryServiceHandler location="https://ds.swamid.se(:[0-9]+)?/.+/(DS|WAYF)/?" jspFile="wayf-swamid.jsp" errorJspFile="wayferror-swamid.jsp"> + <PluginInstance identifier="CookiePlugin"/> + <Federation identifier="SWAMID"/> + </DiscoveryServiceHandler> - <Federation identifier="SecondSite"/> - <PluginInstance identifier="CookiePlugin"/> - </DiscoveryServiceHandler> ---> + <DiscoveryServiceHandler location="https://wayf.swamid.se(:[0-9]+)?/.+/ClearCache.wayf" jspFile="wayf-swamid.jsp" errorJspFile="wayferror-swamid.jsp"> + <PluginInstance identifier="DeleteCookiePlugin"/> + <Federation identifier="SWAMID"/> + </DiscoveryServiceHandler> + + <DiscoveryServiceHandler location="https://wayf.swamid.se(:[0-9]+)?/.+/(DS|WAYF)/?" jspFile="wayf-swamid.jsp" errorJspFile="wayferror-swamid.jsp"> + <PluginInstance identifier="CookiePlugin"/> + <Federation identifier="SWAMID"/> + </DiscoveryServiceHandler> + + <DiscoveryServiceHandler location="https://ds.sunet.se(:[0-9]+)?/.+/ClearCache.wayf" jspFile="wayf-sunet.jsp" errorJspFile="wayferror-sunet.jsp"> + <PluginInstance identifier="DeleteCookiePlugin"/> + <Federation identifier="SWAMID"/> + </DiscoveryServiceHandler> + + <DiscoveryServiceHandler location="https://ds.sunet.se(:[0-9]+)?/.+/(DS|WAYF)/?" jspFile="wayf-sunet.jsp" errorJspFile="wayferror-sunet.jsp"> + <PluginInstance identifier="CookiePlugin"/> + <Federation identifier="SWAMID"/> + </DiscoveryServiceHandler> + + <DiscoveryServiceHandler provideListOfList="true" location="https://idp-test.nordu.net(:[0-9]+)?/.+/ClearCache.wayf" jspFile="wayf-ndn.jsp" errorJspFile="wayferror.jsp"> + <PluginInstance identifier="DeleteCookiePlugin"/> + </DiscoveryServiceHandler> + + <DiscoveryServiceHandler provideListOfList="true" location="https://idp-test.nordu.net(:[0-9]+)?/.+/(DS|WAYF)/?" jspFile="wayf-ndn.jsp" errorJspFile="wayferror.jsp"> + <PluginInstance identifier="CookiePlugin"/> + </DiscoveryServiceHandler> </WayfConfig> |