...
- https://alpha.example.org/users
- https://alpha.example.org/admins?grp=1
- https://alpha.example.org/secure/dashboard
In order to index ACS endpoints to support the matching process, a CAS-specific index, shibboleth.CASMetadataIndices, must be applied to any metadata sources that contain CAS protocol entries. The following configuration snippet from conf/metadata-providers.xml provides an example:
Code Block | ||||
---|---|---|---|---|
| ||||
<MetadataProvider id="CASMetadata"
xsi:type="FileBackedHTTPMetadataProvider"
backingFile="/var/run/idp/vt-metadata.xml"
metadataURL="https://metadata.example.edu/cas.xml"
indexesRef="shibboleth.CASMetadataIndices">
<MetadataFilter xsi:type="EntityRoleWhiteList">
<RetainedRole>samlmd:SPSSODescriptor</RetainedRole>
</MetadataFilter>
</MetadataProvider> |
Proxy Configuration
One or more AssertionConsumerService elements with the binding https://www.apereo.org/cas/protocol/proxy identify proxy callback endpoints. The appearance of at least one ACS endpoint with the proxy binding is an implicit signal to permit proxying; conversely, if no there is no ACS element defined with the proxy binding, then the service is not authorized to proxy.
...