Consider generalizing into a replacement for SP's metagen script
Description
Environment
Activity
Brent PutmanAugust 26, 2023 at 1:53 AM
Fixed the template double-quote bugs I found that I earlier mentioned on committers list.
Scott CantorAugust 21, 2023 at 5:24 PM
Docs added (will need to swap this page in once we release).
There are more things to add, but for now best to close this out and treat any new stuff as enhancements.
Scott CantorAugust 18, 2023 at 4:36 PM
Added an optional module to allow the templates to be copied in for modification.
Scott CantorJuly 18, 2023 at 4:11 PM
Added a layout template feature along with a Shibboleth-specific template to be installed into examples by the module.
Scott CantorJuly 17, 2023 at 4:48 PM
I have a thought but I don’t think it will fit well into the OpenSAML layer so apart from “the installer could also do this”, my solution probably isn’t a great fit for it.
I probably will add an option that points to an EntityDescriptor fragment to parse that will be mostly empty except for endpoints with a “$hostname” token or something like that in the endpoints, and I will unmarshall it, and then walk the endpoints filling in the hostname (derived from a different option).
So it ultimately just automates to some extent the production of part of the role objects the interface requires you to supply.
As an experiment I would like to explore turning this plugin into something more generic that can generate metadata for both SPs and IdPs using Velocity templates. The existing metadagen shell script in the SP is something I’ve customized locally and use for a huge range of SP metadata requirements and I manage my IdP with it more or less. But it’s not Windows-compatible and it’s pretty ugly to maintain.
A replacement in Java has obvious advantages but one big drawback being ability to easily tweak and performance. Using Velocity could address the “tweak” side of this to some degree, but to fix the performance issues it would have to be “batchable” using command files that it would parse to obtain the options to run with.
For now, just playing around to see what might be possible.