...
Name | Cardinality | Description |
|---|---|---|
<Extensions> | 0 or 1 | Allows for system-wide extension libraries to be loaded. This is rarely used because most extensions come in separate in-process ("lite") and out-of-process versions that limit the libraries loaded into web server processes to avoid symbol conflicts. |
<OutOfProcess> | 0 or 1 | Deals with configuration and extensions of the |
<InProcess> | 0 or 1 | Contains settings governing the portion of the SP that runs inside the web server, as well as configuration of that web server. Required for Microsoft IIS integrations in order to define IIS site mappings and general module configuration. |
<Listener> | 0 or 1 | Pluggable extension point for Listeners other than the two provided with the software. |
<UnixListener> | Listener implementation that relies on a Unix domain socket. Default on non-Windows systems. | |
<TCPListener> | Listener implementation that relies on a TCP socket. Can be used across a pre-secured network, but this is not recommended due to the overhead involved. Default on Windows systems. | |
<StorageService> | 0 or more | Configures the storage of information that must persist across requests, like the SessionCache and ReplayCache. When omitted, an in-memory plugin identified as |
<DataSealer><DataSealer> | 0 or 1 | Configures the component that handles secure storage of data in client-side cookies in support of other features, primarily the SessionCache session recovery feature |
<SessionCache> | 0 or 1 | Configures the caching of typically cookie-based sessions that bind attributes and SAML assertions for use by web requests. When omitted, the StorageService-based cache will be used on top of the default StorageService, with other options defaulted. |
<ReplayCache> | 0 or 1 | Configures the caching of message identifiers for short periods to prevent replay attacks. If omitted a default/arbitrary StorageService will be used. |
<ArtifactMap> | 0 or 1 | Configures the short-term storage of XML messages bound to artifacts for communication to partner sites by reference. If omitted an in-memory version with default settings will be used. |
<RequestMapper> | 0 or 1 | Maps incoming web requests to configuration settings and the Application to associate with them. Generally needed only with Microsoft IIS. |
<ApplicationDefaults> | 1 | Defines most of the runtime behavior of the software when the SP processes SAML assertions, extracts data, and establishes sessions. Most of your changes, if any, will be here. |
<SecurityPolicyProvider> | 1 | Controls the low-level security and XML processing performed during the runtime operation of the SP. Mostly used to supplement the list of cryptographic algorithms to block, or in rare cases, to permit those blocked by default. |
<ProtocolProvider> | 0 or 1 | Plugin used to supply default binding/endpoint information for supported protocols to drive the simplified content of the |
<TransportOption> | 0 or more | Allows implementation-specific options to be passed into the SOAP client transport code. Only for experts. |
<ds:Signature> | 0 or 1 | A digital signature over the entire file. Used in conjunction with the reloadable file support for verification of signed resources, usually only relevant for remotely-acquired configuration files. |
...