idp/templates/config/metadata-providers.xml


1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58

<?xml version="1.0" encoding="UTF-8"?>
<!-- This file is an EXAMPLE metadata configuration file. -->
<MetadataProvider id="ShibbolethMetadata" xsi:type="ChainingMetadataProvider"
    xmlns="urn:mace:shibboleth:2.0:metadata"
    xmlns:resource="urn:mace:shibboleth:2.0:resource"
    xmlns:security="urn:mace:shibboleth:2.0:security"
    xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata"
    xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
    xsi:schemaLocation="urn:mace:shibboleth:2.0:metadata http://shibboleth.net/schema/idp/shibboleth-metadata.xsd
                        urn:mace:shibboleth:2.0:resource http://shibboleth.net/schema/idp/shibboleth-resource.xsd
                        urn:mace:shibboleth:2.0:security http://shibboleth.net/schema/idp/shibboleth-security.xsd
                        urn:oasis:names:tc:SAML:2.0:metadata http://docs.oasis-open.org/security/saml/v2.0/saml-schema-metadata-2.0.xsd">

    <!-- ========================================================================================== -->
    <!--                             Metadata Configuration                                         -->
    <!--                                                                                            -->
    <!--  Below you place the mechanisms which define how to load the metadata for SP(s) you will   -->
    <!--  provide service to.                                                                       -->
    <!--                                                                                            -->
    <!--  Two examples are provided.  The Shibboleth Documentation at                               -->
    <!--  https://wiki.shibboleth.net/confluence/display/IDP30/MetadataConfiguration                -->
    <!--  provides more details.                                                                    -->
    <!--                                                                                            -->
    <!--  NOTE.  This file SHOULD NOT contain the metadata for this IdP.                            -->
    <!-- ========================================================================================== -->

    <!--
    <MetadataProvider id="HTTPMetadata"
                      xsi:type="FileBackedHTTPMetadataProvider"
                      backingFile="%{idp.home}/metadata/localCopyFromXYZHTTP.xml"
                      metadataURL="http://WHATEVER">

        <MetadataFilter xsi:type="SignatureValidation" certificateFile="%{idp.home}/credentials/metaroot.pem" />
        <MetadataFilter xsi:type="RequiredValidUntil" maxValidityInterval="P30D"/>
        <MetadataFilter xsi:type="EntityRoleWhiteList">
            <RetainedRole>md:SPSSODescriptor</RetainedRole>
        </MetadataFilter>
    </MetadataProvider>
    -->

    <MetadataProvider id="SWAMID2"
                      xsi:type="FileBackedHTTPMetadataProvider"
                      metadataURL="https://mds.swamid.se/md/swamid-2.0.xml"
                      backingFile="%{idp.home}/metadata/swamid-2.0.xml">

      <MetadataFilter xsi:type="SignatureValidation"
                      requireSignedRoot="true"
                      certificateFile="%{idp.home}/credentials/md-signer2.crt" />
      <MetadataFilter xsi:type="EntityRoleWhiteList">
        <RetainedRole>md:SPSSODescriptor</RetainedRole>
      </MetadataFilter>
    </MetadataProvider>


    <!--<MetadataProvider id="sp.nordu.dev" xsi:type="FilesystemMetadataProvider" metadataFile="/metadata/sp-metadata.xml" /> -->

    <!-- local SPs -->
</MetadataProvider>