...
Legacy V2 File(s): conf/services.xml
Table of Contents
Overview
The services.xml file is used to specify many of the other configuration files (or more generally, Spring Resources) to load to configure various important services within the IdP. The services.properties file provides a less granular way to identify the Spring beans containing the lists of resources, and also controls the dynamic reloading behavior of those services.
...
- change the resources used, or more commonly add additional resources to supplement built-in defaults
- configure more specialized approaches such as Subversion resources or remote HTTP resources
- control how often to check for changes and reload configurations, if at all
V2 Compatibility
A similar function was performed by the services.xml file in 2.x, but in 3.0 this file is now a native Spring bean file and the older services XML schema is not supported or used.
...
The services.xml file contains a series of "list" beans that specify the Spring Resources to load into various services. The lists are named with specific bean IDs (see below) that direct the resources into the various services. If you wish to supply your own resource lists without modifying the delivered lists, you may control the bean IDs used by modifying services.properties.
...
| Property | Type | Default | Function |
|---|---|---|---|
| idp.service.logging.resource | Resource path | %{idp.home}/conf/logback.xml | Logging configuration resource to use |
| idp.service.logging.failFast | Boolean | false | Fail at startup if logging configuration is invalid |
| idp.service.logging.checkInterval | Duration | 0 | Time to notice changes to logging configuration and reload service |
| idp.service.relyingparty.resources | Bean ID | shibboleth.RelyingPartyResolverResources | Name of Spring bean identifying resources to use for RelyingPartyConfiguration service |
| idp.service.relyingparty.failFast | Boolean | false | Fail at startup if RelyingPartyConfiguration is invalid |
| idp.service.relyingparty.checkInterval | Duration | 0 | Time to notice changes to RelyingPartyConfiguration configuration and reload service |
| idp.service.metadata.resources | Bean ID | shibboleth.MetadataResolverResources | Name of Spring bean identifying resources to use for MetadataConfiguration service |
| idp.service.metadata.failFast | Boolean | false | Fail at startup if MetadataConfiguration is invalid |
| idp.service.metadata.checkInterval | Duration | 0 | Time to notice changes to MetadataConfiguration configuration and reload service |
| idp.service.attribute.resolver.resources | Bean ID | shibboleth.AttributeResolverResources | Name of Spring bean identifying resources to use for AttributeResolverConfiguration service |
| idp.service.attribute.resolver.failFast | Boolean | false | Fail at startup if AttributeResolverConfiguration is invalid |
| idp.service.attribute.resolver.checkInterval | Duration | 0 | Time to notice changes to AttributeResolverConfiguration configuration and reload service |
| idp.service.attribute.filter.resources | Bean ID | shibboleth.AttributeFilterResources | Name of Spring bean identifying resources to use for AttributeFilterConfiguration service |
| idp.service.attribute.filter.failFast | Boolean | false | Fail at startup if AttributeFilterConfiguration is invalid |
| idp.service.attribute.filter.checkInterval | Duration | 0 | Time to notice changes to AttributeFilterConfiguration configuration and reload service |
| idp.service.nameidGeneration.resources | Bean ID | shibboleth.NameIdentifierGenerationResources | Name of Spring bean identifying resources to use for NameIDGenerationConfiguration service |
| idp.service.nameidGeneration.failFast | Boolean | false | Fail at startup if NameIDGenerationConfiguration is invalid |
| idp.service.nameidGeneration.checkInterval | Duration | 0 | Time to notice changes to NameIDGenerationConfiguration configuration and reload service |
| idp.service.access.resources | Bean ID | shibboleth.AccessControlResources | Name of Spring bean identifying resources to use for AccessControlConfiguration service |
| idp.service.access.failFast | Boolean | false | Fail at startup if AccessControlConfiguration is invalid |
| idp.service.access.checkInterval | Duration | 0 | Time to notice changes to AccessControlConfiguration configuration and reload service |
| idp.message.resources | Bean ID | shibboleth.MessageSourceResources | Name of Spring bean identifying Spring message property resources |
| idp.message.cacheSeconds | Integer | 300 | Seconds between reloads of message property resources |
idp.httpclient.connectionDisregardTLSCertificate | Boolean | false | Whether to ignore TLS certificates by default when loading an HTTPResource |
| idp.httpclient.connectionTimeout | Integer | -1 | Default connection timeout for HTTPResource (-1 for none) |
| idp.httpclient.memorycaching.maxCacheEntries | Integer | 50 | Maximum number of cache entries when using the "shibboleth.MemoryCachingHttpClient" bean |
| idp.httpclient.memorycaching.maxCacheEntrySize | Integer | 1048576 | Maximum size of cache when using the "shibboleth.MemoryCachingHttpClient" bean |
| idp.httpclient.filecaching.maxCacheEntries | Integer | 100 | Maximum number of cache entries when using the "shibboleth.FileCachingHttpClient" bean |
| idp.httpclient.filecaching.maxCacheEntrySize | Integer | 10485760 | Maximum size of cache when using the "shibboleth.FileCachingHttpClient" bean |
idp.httpclient.filecaching.cacheDirectory | File path | None | Directory location of cache when using the "shibboleth.FileCachingHttpClient" bean |
V2 Compatibility
A similar function was performed by the services.xml file in 2.x, but in 3.0 this file is now a native Spring bean file and the older services XML schema is not supported or used.
Advanced Notes
You can use any kind of Resource supported by Spring, along with additional custom resource types provided with the IdP for handling Subversion and HTTP resources.