...
- certicateFile - If specified, this is the path to a certificate file. This certificate is used to validate the signature on the root element of the incoming metadata. The filter will prevent loading of the metadata if it fails validation or if there is no certificate present.
- maxValidityInterval - If specified, this value is used to ensure that the metadata contains a validUntil attribute on the root of the metadata. This ensures that old metadata, which may contain entities which have been removed/revoked, is not used. If the value is "0" then it specifies the interval, in seconds, from now within which the validUntil date must fall. A value of zero indicates no upper limit, see the IdP Documentation for more details.
- refreshDelayFactor (added in v1.2) - an number between 0.0 and 1.0, exclusive, used to determine the next metadata refresh cycle based on the current metadata's cache expiration time (default value: 0.75), see the IdP Documentation for more details.
- minRefreshDelay (added in v1.2) - a lower bound on the frequency of metadata refresh cycles given in XML duration notation (default value: PT5M), see the IdP Documentation for more details.
- maxRefreshDelay (added in v1.2) - an upper bound on the frequency of metadata refresh cycles given in XML duration notation (default value: PT4H), see the IdP Documentation for more details.
| Note |
|---|
Setting the min and max refresh delay to the same value is a nonsensical configuration. Don't do it. |
...