Versions Compared

Old Version 4

changes.mady.by.user Marvin Addison

Saved on

compared with

New Version 5

changes.mady.by.user Marvin Addison

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.
Comment: Document need for CAS metadata index

...

In order to index ACS endpoints to support the matching process, a CAS-specific index, shibboleth.CASMetadataIndices, must be applied to any metadata sources that contain CAS protocol entries. The following configuration snippet from conf/metadata-providers.xml provides an example:

Code Block
languagexml
titleCAS Metadata Example
  <MetadataProvider id="CASMetadata"
    xsi:type="FileBackedHTTPMetadataProvider"
    backingFile="/var/run/idp/vt-metadata.xml"
    metadataURL="https://metadata.example.edu/cas.xml"
    indexesRef="shibboleth.CASMetadataIndices">

    <MetadataFilter xsi:type="EntityRoleWhiteList">
      <RetainedRole>samlmd:SPSSODescriptor</RetainedRole>
    </MetadataFilter>
  </MetadataProvider>


Proxy Configuration

One or more AssertionConsumerService elements with the binding https://www.apereo.org/cas/protocol/proxy identify proxy callback endpoints. The appearance of at least one ACS endpoint with the proxy binding is an implicit signal to permit proxying; conversely, if no there is no ACS element defined with the proxy binding, then the service is not authorized to proxy.

...