...
| Code Block | ||
|---|---|---|
| ||
<?xml version="1.0" encoding="UTF-8"?>
<beans default-init-method="initialize"
xmlns="http://www.springframework.org/schema/beans" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-3.0.xsd">
<bean id="httpClientBuilder" classparent="net.shibboleth.shared.httpclient.mda.HttpClientBuilder"/>
<bean id="httpClient" factory-bean="httpClientBuilder" factory-method="buildClient"/>
<!-- Import the Standard bean definition resource. -->
<!-- See https://shibboleth.atlassian.net/wiki/spaces/MA1/pages/3162439683/Standard+bean+definition+resource -->
<import resource="classpath:net/shibboleth/metadata/beans.xml"/>
<!-- First, we define the stages for our pipeline -->
<bean id="source" parent="mda.DOMResourceSourceStage">
<property name="id" value="source"/>
<property name="parserPool">
<bean classparent="net.shibboleth.shared.xml.impl.BasicParserPool" init-method="initializemda.BasicParserPool"/>
</property>
<property name="DOMResource">
<bean classparent="net.shibboleth.shared.spring.httpclient.resource.mda.HTTPResource">
<constructor-arg ref="httpClient"/>
<constructor-arg
value="http://metadata.ukfederation.org.uk/ukfederation-metadata.xml"/>
</bean>
</property>
</bean>
<!--
Validate the signature on an aggregate. If the signature is not
present or cannot be validated, this will add an Error status to
the item. This will not by itself result in processing being
terminated.
-->
<bean id="validateSignature" parent="mda.XMLSignatureValidationStage">
<property name="id" value="validateSignature"/>
<property name="verificationCertificate">
<bean classparent="net.shibboleth.shared.spring.security.factorymda.X509CertificateFactoryBean">
<property name="resource">
<bean class="org.springframework.core.io.FileSystemResource">
<constructor-arg>
<bean class="java.io.File">
<constructor-arg value="path/to/input/ukfederation-2014.pem"/>
</bean>
</constructor-arg>
</bean>
</property>
</bean>
</property>
</bean>
<!--
errorAnnouncer
A pipeline stage that logs any errors present,
but takes no action on them.
-->
<bean id="errorAnnouncer" parent="mda.StatusMetadataLoggingStage">
<property name="id" value="errorAnnouncer"/>
<property name="selectionRequirements">
<list>
<value>#{T(net.shibboleth.metadata.ErrorStatus)}</value>
</list>
</property>
</bean>
<!--
errorTerminator
This pipeline stage causes CLI termination if any item is marked with an error status.
-->
<bean id="errorTerminator" parent="mda.ItemMetadataTerminationStage">
<property name="id" value="errorTerminator"/>
<property name="selectionRequirements">
<list>
<value>#{T(net.shibboleth.metadata.ErrorStatus)}</value>
</list>
</property>
</bean>
<bean id="removeEntities" parent="mda.EntityFilterStage">
<property name="id" value="removeEntities"/>
<property name="designatedEntities">
<list>
<value>https://idp.example.com/idp/shibboleth</value>
<value>https://issues.example.com/shibboleth</value>
<value>https://wiki.example.com/shibboleth</value>
</list>
</property>
</bean>
<bean id="removeRoles" parent="mda.EntityRoleFilterStage">
<property name="id" value="removeRoles"/>
<property name="whitelistingRoles" value="true"/>
<property name="designatedRoles">
<list>
<bean class="javax.xml.namespace.QName">
<constructor-arg value="urn:oasis:names:tc:SAML:2.0:metadata"/>
<constructor-arg value="IDPSSODescriptor"/>
</bean>
<bean class="javax.xml.namespace.QName">
<constructor-arg value="urn:oasis:names:tc:SAML:2.0:metadata"/>
<constructor-arg value="AttributeAuthorityDescriptor"/>
</bean>
<bean class="javax.xml.namespace.QName">
<constructor-arg value="urn:oasis:names:tc:SAML:2.0:metadata"/>
<constructor-arg value="SPSSODescriptor"/>
</bean>
</list>
</property>
</bean>
<bean id="removeInvalidContactPerson" parent="mda.ContactPersonFilterStage">
<property name="id" value="removeInvalidContactPerson"/>
<property name="whitelistingTypes" value="false"/>
</bean>
<bean id="removeOrganization" parent="mda.RemoveOrganizationStage">
<property name="id" value="removeOrganization"/>
</bean>
<bean id="serialize" parent="mda.SerializationStage">
<property name="id" value="serializeIdPs"/>
<property name="outputFile">
<bean class="java.io.File">
<constructor-arg value="path/to/output/output.xml"/>
</bean>
</property>
<property name="serializer">
<bean id="domSerializer" parent="mda.DOMElementSerializer"/>
</property>
</bean>
<!-- Next we define a pipeline with all the stages in it -->
<bean id="main" parent="mda.SimplePipeline">
<property name="id" value="main"/>
<property name="stages">
<list>
<ref bean="source"/>
<ref bean="validateSignature"/>
<ref bean="errorAnnouncer"/>
<ref bean="errorTerminator"/>
<ref bean="removeEntities"/>
<ref bean="removeRoles"/>
<ref bean="removeInvalidContactPerson"/>
<ref bean="removeOrganization"/>
<ref bean="serialize"/>
</list>
</property>
</bean>
</beans> |
...