Versions Compared

Old Version 2

changes.mady.by.user Scott Cantor

Saved on

compared with

New Version 3

changes.mady.by.user Scott Cantor

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

Code Block
languagexml
titleconf/intercept/warning-intercept-config.xml
collapsetrue
<?xml version="1.0" encoding="UTF-8"?>
<beans xmlns="http://www.springframework.org/schema/beans"
       xmlns:context="http://www.springframework.org/schema/context"
       xmlns:util="http://www.springframework.org/schema/util"
       xmlns:p="http://www.springframework.org/schema/p"
       xmlns:c="http://www.springframework.org/schema/c"
       xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
       xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans.xsd
                           http://www.springframework.org/schema/context http://www.springframework.org/schema/context/spring-context.xsd
                           http://www.springframework.org/schema/util http://www.springframework.org/schema/util/spring-util.xsd"
                           
       default-init-method="initialize"
       default-destroy-method="destroy">

    <!--
    The map keys are the names of view templates to render if the condition evaluates to true.
    
    The values are of type Pair<Predicate<ProfileRequestContext>,Duration>. The condition determines whether
    the warning is displayed, and the duration is the interval between warnings.
    -->
    <util:map id="shibboleth.warning.ConditionMap">
        <entry key="loop-detected">
            <bean parent="shibboleth.Pair">
                <constructor-arg index="0">
                    <bean class="net.shibboleth.idp.profile.logic.LoopDetectionPredicate" p:threshold="20">
                        <property name="relyingPartyMap">
                            <map>
                                <entry key="https://sp.example.org/shibboleth" value="example" />
                            </map>
                        </property>
                        <property name="usernameLookupStrategy">
                            <bean parent="shibboleth.Functions.Compose"
                                c:g-ref="shibboleth.PrincipalNameLookup.Subject"
                                c:f-ref="shibboleth.ChildLookup.SubjectContext" />
                        </property>
                    </bean>
                </constructor-arg>
                <constructor-arg index="1">
                    <bean class="java.time.Duration" factory-method="parse" c:_0="PT0S" />
                </constructor-arg>
            </bean>
        </entry>
    </util:map>

</beans>

You may also wish to suppress the potentially large number of Meters from appearing via "standard" access to the full set of metrics, which can be done quickly by adding to conf/logback.xml:

Code Block
    <logger name="metrics.net.shibboleth.idp.loopDetection" level="OFF" />

This won't fully prevent access to the information, which would require adjusting access control for the relevant metrics via the MetricsConfiguration.