...
| Tip |
|---|
The identifiers of the resolvers are also listed by the status and metrics administrative flows. |
Reference
V4.0 and upgraded systems include a bean defined in conf/admin/general-admin.xml to control aspects of the flow's behavior.
V4.1 includes properties to control various aspects of the flow's behavior using an internally-defined bean that may be overridden if required.
| Expand |
|---|
|
The general properties configuring this flow via admin/admin.properties are: Name | Default | Description |
|---|
idp.reload.logging | Reload | Audit log identifier for flow | idp.reload.accessPolicy | AccessByIPAddress | Name of access control policy for request authorization | idp.reload.authenticated | false | Whether authentication should be performed prior to access control evaluation | idp.reload.nonBrowserSupported | false | Whether the flow should allow for non-browser clients during authentication | idp.reload.resolveAttributes | false | Whether attributes should be resolved prior to access control evaluation |
|
| Expand |
|---|
| title | Flow Descriptor XML (V4.1+) |
|---|
|
To replace the internally defined flow descriptor bean, the following XML is required: | Code Block |
|---|
| <util:list id="shibboleth.AvailableAdminFlows">
<bean parent="shibboleth.AdminFlow"
c:id="http://shibboleth.net/ns/profiles/reload-metadata"
p:loggingId="%{idp.reload.logging:Reload}"
p:policyName="%{idp.reload.accessPolicy:AccessByIPAddress}"
p:nonBrowserSupported="%{idp.reload.nonBrowserSupported:false}"
p:authenticated="%{idp.reload.authenticated:false}"
p:resolveAttributes="%{idp.reload.resolveAttributes:false}" />
</util:list> |
In older versions and upgraded systems, this list is defined in conf/admin/general-admin.xml. In V4.1+, no No default version of the list is provided and it may simply be placed in conf/global.xml if needed. |