Page Comparison

Contains command line tools, and any Java libraries needed during installation.

During upgrades any additional files you add will be preserved, so you can store your own command line scripts here.

The main configuration tree.

During any installation (first time or upgrades), files are never replaced in this directory.  New files required by the IdP version being installed will be populated if and only if they do not exist.

Contains your keys, certificates, and keystores, as well as credentials on which you rely such as for metadata signature validation. Files in this directory should generally be readable only by the user account the IdP will run under (certificates aren't secret, but it's easiest to just lock down everything).

During any installation (first time or upgrades), files are never replaced in this directory. In unusual cases, new files may be created if they do not exist.

Contains the original/default versions of the contents of the conf, flows, messages, and view directories.

This folder is always deleted and re-created from the distribution on every install. This directory can be used as a reference against any locally modified copies of these files.

Contains documentation, licenses, and the like.

This folder is always deleted and re-created from the distribution on every install.

This directory is created on initial install and thereafter not touched. You may place any local configuration you wish to include in your packed warfile. During warfile creation, the contents of this tree are copied over top of the webapp directory, from which the war file is then built. Thus, it is an overlay tool for your local modifications and extensions.

Contains any user-editable Spring Web Flow definitions.

During any installation (first time or upgrades), files are never replaced in this directory. New files required by the IdP version being installed will be populated if and only if they do not exist.

Contains the IdP diagnostic and audit logs by default.

Contains internationalized message properties used in various UI templates. As of V3.3, this contains only new or overriden message properties or post-install translations, with all of the default messages and translations moved to the system tree.

During any installation (first time or upgrades), files are never replaced in this directory.  New files required by the IdP version being installed will be populated if and only if they do not exist.

A storage location for SAML metadata used by the IdP (see MetadataConfiguration). During initial installation, some representative SAML metadata for the IdP is generated based on the installation inputs and placed in this directory in a file named idp-metadata.xml.

Note that the IdP does not need to load its own metadata, a change from V2. Also note that the metadata is generated as a one-time operation during installation. It does not result from an in-depth analysis of the IdP configuration and does not change when the configuration changes.

Contains read-only internal system configuration that should not be modified.

The contents of this directory tree will be deleted and re-created by an install or upgrade.

Contains Velocity page templates displayed to users of the IdP. While JSP views (and the V2 taglibs) are generally supported, most of the default webflow views provided are now Velocity templates that can be maintained outside the warfile and changed at runtime.

During any installation (first time or upgrades), files are never replaced in this directory.  New files required by the IdP version being installed will be populated if and only if they do not exist.

Contains the packed IdP warfile for container deployment.

The warfile can be rebuilt at any time by running the build.sh or build.bat script in the bin directory. It wll prompt you to verify the installation directory (which in theory allows for multiple installations).