File(s): conf/metadata-providers.xml
Format: Custom Schema

Overview

The Shibboleth IdP generally requires SAML metadata to provision connectivity with SAML relying parties and inform it about their capabilities and technical specifics. While you have the option to operate in a more "promiscuous" way (by enabling profiles for "unverified" RPs), this is not a common operating mode. In most cases, you will configure metadata sources in order to use the IdP's SAML features; this is done by adding <MetadataProvider> elements inside the metadata-providers.xml file.

...

A typical use case is to load (and periodically reload) entity metadata from a local file:

[Included page: FilesystemMetadataProviderExample]

Another use case is to load (and periodically reload) a metadata aggregate from a remote source via HTTP:

[Included page: RemoteMetadataAggregateExample]

But increasingly, the dynamic providers (LocalDynamicMetadataProvider and DynamicHTTPMetadataProvider) are used in lieu of the reloading providers (FilesystemMetadataProvider and FileBackedHTTPMetadataProvider) shown above. See the MetadataManagementBestPractices topic for use cases and recommendations.

...

The precise behavior of any <MetadataProvider> element is controlled by the xsi:type attribute (see below). The following types are supported and examples are provided for each type. If the urn:mace:shibboleth:2.0:metadata namespace is not the default, then a prefix (presumably "metadata:") is required when specifying these types.

| xsi:type | Function |
|---|---|
| ChainingMetadataProvider | A container for an ordered sequence of metadata providers of any type |
| DynamicHTTPMetadataProvider | A dynamic provider that fetches metadata just-in-time from a suitably configured HTTP server |
| LocalDynamicMetadataProvider | A dynamic provider that fetches metadata just-in-time from a local source such as a filesystem directory |
| FilesystemMetadataProvider | A reloading provider that loads (and reloads) a metadata file from the filesystem in a background thread |
| FileBackedHTTPMetadataProvider | A reloading provider that loads (and reloads) a metadata file from an HTTP server in a background thread |
| ResourceBackedMetadataProvider | A reloading provider that loads (and reloads) a metadata file from a more complex resource type (in a background thread) |
| InlineMetadataProvider | A provider that allows metadata to be specified inline |
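The namespace rule for xsi:type described above can be checked mechanically. The following is an added example, not part of the Shibboleth documentation or code base: a small linter that resolves each provider's xsi:type against the in-scope namespace declarations and compares it with the supported types listed above. The function name `lint_providers` and the sample configuration are assumptions made for illustration.

```python
import io
import xml.etree.ElementTree as ET
MD_NS = "urn:mace:shibboleth:2.0:metadata"
XSI_TYPE = "{http://www.w3.org/2001/XMLSchema-instance}type"
SUPPORTED = {  # the xsi:type values listed on this page
    "ChainingMetadataProvider", "DynamicHTTPMetadataProvider",
    "LocalDynamicMetadataProvider", "FilesystemMetadataProvider",
    "FileBackedHTTPMetadataProvider", "ResourceBackedMetadataProvider",
    "InlineMetadataProvider",
}

def lint_providers(xml_text):
    """Return (id, xsi:type, problem or None) for each <MetadataProvider>."""
    scopes = [{}]   # stack of in-scope prefix -> namespace URI maps
    pending = {}    # xmlns declarations belonging to the next start tag
    results = []
    source = io.BytesIO(xml_text.encode("utf-8"))
    for event, item in ET.iterparse(source, ("start-ns", "start", "end")):
        if event == "start-ns":
            pending[item[0]] = item[1]      # default namespace has prefix ""
        elif event == "end":
            scopes.pop()
        else:
            scopes.append({**scopes[-1], **pending})
            pending = {}
            if item.tag != "{%s}MetadataProvider" % MD_NS:
                continue
            qname = item.get(XSI_TYPE, "")
            prefix, _, local = qname.rpartition(":")
            ns = scopes[-1].get(prefix)     # unprefixed -> default namespace
            problem = None
            if ns != MD_NS:
                problem = "type resolves to namespace %r" % ns
            elif local not in SUPPORTED:
                problem = "not a supported provider type"
            results.append((item.get("id"), qname, problem))
    return results

# Constructed sample, trimmed to id and xsi:type; no default namespace declared.
SAMPLE = """<metadata:MetadataProvider
    xmlns:metadata="urn:mace:shibboleth:2.0:metadata"
    xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
    id="Chain" xsi:type="metadata:ChainingMetadataProvider">
  <metadata:MetadataProvider id="LocalFile" xsi:type="metadata:FilesystemMetadataProvider"/>
  <metadata:MetadataProvider id="NoPrefix" xsi:type="FileBackedHTTPMetadataProvider"/>
  <metadata:MetadataProvider id="Typo" xsi:type="metadata:FileSystemMetadataProvider"/>
</metadata:MetadataProvider>"""
if __name__ == "__main__":
    print(*lint_providers(SAMPLE), sep="\n")
```

In the sample, "NoPrefix" is flagged because no default namespace is in scope for its unprefixed type, and "Typo" because the name differs in case from FilesystemMetadataProvider.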

Reference

Configuration options common to two or more metadata providers are listed in the subsections below. Others are specific to the xsi:type, and these are documented on the pages specific to each type.

Common XML Attributes (included page: IDP5:MetadataProviderCommonAttributes)

...

Reloading XML Attributes (included page: IDP5:MetadataProviderReloadingAttributes)

...

Dynamic XML Attributes (included page: IDP5:MetadataProviderDynamicAttributes)

...

HTTP XML Attributes (included page: IDP5:MetadataProviderHTTPAttributes)

...

Common XML Elements (included page: IDP5:MetadataProviderChildElements)

...