The InlineMetadataProvider allows the static specification of SAML2 Metadata inside the metadata provider.

Schema Names and location

The <MetadataProvider> element and the type InlineMetadataProvider are defined by the urn:mace:shibboleth:2.0:metadata schema, which can be located at http://shibboleth.net/schema/idp/shibboleth-metadata.xsd.

The SAML Metadata is defined by the urn:oasis:names:tc:SAML:2.0:metadata schema which can be located at http://docs.oasis-open.org/security/saml/v2.0/saml-schema-metadata-2.0.xsd.

Attributes

Any of the common attributes may be specified.

Child Elements

Any of the following child elements may be specified (in order).

| Name | Cardinality | Description |
|---|---|---|
| <MetadataFilter> | 0 or more | A metadata filter applied to candidate metadata as it flows through the metadata pipeline |
| <md:EntityDescriptor> | 0 or 1 | Specifies the metadata for a single SAML entity |
| <md:EntitiesDescriptor> | 0 or 1 | Specifies the metadata for two or more SAML entities |

The <MetadataFilter> child element is common to all metadata providers. The remaining child elements are exclusive to the InlineMetadataProvider type.

Exactly one of the <md:EntityDescriptor> or <md:EntitiesDescriptor> child elements is required. If neither is configured, an error will occur. See the SAML 2.0 Metadata specification for more information about these elements.
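
The cardinality and ordering rules above can be checked before a configuration is deployed. The following lint is an added example, not part of the Shibboleth distribution; the function names and the constructed sample documents are assumptions. It also returns the entityIDs the provider statically defines, which is useful when auditing which relying parties are trusted inline.

```python
import xml.etree.ElementTree as ET

MD_NS = "urn:oasis:names:tc:SAML:2.0:metadata"
XSI_NS = "http://www.w3.org/2001/XMLSchema-instance"
DESCRIPTORS = {f"{{{MD_NS}}}EntityDescriptor", f"{{{MD_NS}}}EntitiesDescriptor"}


def lint_inline_provider(xml_text):
    """Return (findings, entity_ids) for one <MetadataProvider> element."""
    root = ET.fromstring(xml_text)
    xsi_type = root.get(f"{{{XSI_NS}}}type", "").split(":")[-1]
    if root.tag.rsplit("}", 1)[-1] != "MetadataProvider" or xsi_type != "InlineMetadataProvider":
        return ["element is not an InlineMetadataProvider"], []
    findings, entity_ids, seen_descriptor = [], [], False
    for child in root:
        if child.tag in DESCRIPTORS:
            seen_descriptor = True
            # iter() also yields the element itself, so this covers a lone
            # EntityDescriptor and every entity nested inside a group.
            for entity in child.iter(f"{{{MD_NS}}}EntityDescriptor"):
                if entity.get("entityID"):
                    entity_ids.append(entity.get("entityID"))
                else:
                    findings.append("md:EntityDescriptor without entityID")
        elif child.tag.rsplit("}", 1)[-1] == "MetadataFilter" and seen_descriptor:
            # Child elements must appear in the documented order.
            findings.append("MetadataFilter must precede the metadata element")
    count = sum(1 for c in root if c.tag in DESCRIPTORS)
    if count != 1:
        findings.append(
            f"expected exactly one md:EntityDescriptor or md:EntitiesDescriptor, found {count}")
    return findings, entity_ids


def provider(body):
    """Wrap constructed child XML in a sample InlineMetadataProvider."""
    return (f'<MetadataProvider xmlns="urn:mace:shibboleth:2.0:metadata" '
            f'xmlns:md="{MD_NS}" xmlns:xsi="{XSI_NS}" id="sample" '
            f'xsi:type="InlineMetadataProvider">{body}</MetadataProvider>')


# Constructed samples: one valid provider, one with no metadata element.
SAMPLE_OK = provider('<md:EntityDescriptor entityID="https://app.example.org/sp"/>')
SAMPLE_EMPTY = provider("")

if __name__ == "__main__":
    for name, doc in (("ok", SAMPLE_OK), ("empty", SAMPLE_EMPTY)):
        print(name, lint_inline_provider(doc))
```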

Examples

The following example specifies SAML metadata whose top-level element is an <md:EntityDescriptor> element:

Inline EntityDescriptor

```xml
<MetadataProvider xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" id="exampleInLineEntity" xsi:type="InlineMetadataProvider" sortKey="1">
	<md:EntityDescriptor ID="entity" entityID="https://app.example.org/sp">
		<!-- Details removed -->
		<md:SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol">
			<md:AssertionConsumerService
				Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST"
				Location="https://sp.example.org/Shibboleth.sso/SAML2/POST"
				index="1" />
			<!-- More details removed -->
		</md:SPSSODescriptor>
	</md:EntityDescriptor>
</MetadataProvider>
```

The following example specifies SAML metadata whose top-level element is an <md:EntitiesDescriptor> element:

Inline EntitiesDescriptor

```xml
<MetadataProvider xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" id="exampleInLineEntities" xsi:type="InlineMetadataProvider">
	<md:EntitiesDescriptor>
		<md:EntityDescriptor ID="uk001502" entityID="https://wiki.example.org/sp">
			<!-- Details removed -->
			<md:SPSSODescriptor
				protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol">
				<md:AssertionConsumerService
					Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST"
					Location="https://sp.example.org/Shibboleth.sso/SAML2/POST"
					index="1" />
			</md:SPSSODescriptor>
			<!-- More details removed -->
		</md:EntityDescriptor>
		<!-- Further EntityDescriptors removed -->
	</md:EntitiesDescriptor>
</MetadataProvider>
```