Versions Compared

Version Old Version 1 New Version 2
Changes made by

Scott Cantor

Rod Widdowson

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

=<RelyingParty name="URI"=
providerId="URI"
signingCredential="string"
AAUrl="URL"
defaultAuthMethod="URN"
passThruErrors="true/false"
providerId="string"
signAssertions="true/false"
=

In addition to its attributes, this element may contain a NameID element to specify a naming mechanism for assertions sent to this relying party.

...

metadatatool

The Shibboleth ! IdP leverages metadata distributed by relying parties and federations to validate the identity of requesters and the resource providers on whose behalf the request is being made. This metadata is cached locally in the form of metadata.xml . Shibboleth includes a simple utility called metadatatool which can be used to refresh a metadata.xml file. These files are then pointed to by MetadataProvider elements in idp.xml and shibboleth.xml .

...

This is a list of all the command-line parameters that may be specified:

Code Block
when signing:&nbsp;&nbsp;&nbsp;&nbsp;  -i &lt;uri&gt;<uri> -s -k &lt;keystore&gt;<keystore> -a &lt;alias&gt;<alias> -p &lt;pass&gt;<pass> [-o &lt;outfile&gt;]<br><outfile>]
when updating:&nbsp;&nbsp; -i &lt;uri&gt;<uri> [-k &lt;keystore&gt;<keystore> -a &lt;alias&gt;<alias> OR -N ] [-o &lt;outfile&gt;<outfile>]

-i,--in

input file or url

-k,--keystore

pathname of Java keystore file

-a,--alias

alias of signing or verification key

-p,--password

keystore/key password

-o,--outfile

write signed copy to this file instead of stdout

-s,--sign

sign the input file and write out a signed version

-N,--noverify

allows update of file without signature check

-h,--help

print a list of configuration options

-x,--ns

XML namespace of root element

-n,--name

name of root element

...