Overview
The MetadataGen plugin provides a command line to generate metadata based on a very shallow introspection of the IdP configuration properties.
...
Warning |
---|
This tool does not output "ready to use" metadata and is a preliminary to, NOT an alternative to, editing your metadata prior to publishing it. |
Plugin Installation
Info |
---|
Starting with IdP 4.2 you can install the latest plugin version supported on your IdP version with |
...
Configuration
The generated metadata is based on an idea of the IdP's configuration sourced from two locations: configuration property files and the command line. Importantly, this tool does not consider anything about the relying party configuration.
...
An additional property file can be used to specify the DNS name and backchannel path; additional properties can be used to drive MDUI generation. This is described further below.
Command line options
With no command line options, the tool prints to the screen the metadata for a SAML2 IdP configured for attribute push only. Further options control adding or removing parts of the metadata.
...
The full set of options can be viewed with the --help option.
Advanced use and Property-driven installation
The parts of the metadata drawn from the IdP configuration are derived from the IdP configuration property files. Additional properties can be provided (via the --propertyFiles qualifier) to describe more about the IdP.
...
Property | Description |
---|---|
idp.metadata.dnsname | Supplies the DNS name used within the URLs specifying the end points. |
idp.metadata.backchannel.cert | Specifies the path to the certificate protecting the back channel. |
idp.metadata.idpsso.mdui.logo.path | Specifies the path part of the URL which describes a logo for the IdP. The <mdui:Logo> is always emitted. If this is absent then a fixed path ('/path/to/logo') is used. |
idp.metadata.idpsso.mdui.logo.height | The height (in pixels) of the logo. Defaults to 80. |
idp.metadata.idpsso.mdui.logo.width | The width (in pixels) of the logo. Defaults to 80. |
idp.metadata.idpsso.mdui.langs | A (space separated) list of languages used to look up values formed by appending each one to the name and description properties described below. If this is absent then an <mdui:DisplayName/> and <mdui:Description> for the "en" language are emitted, which you need to edit. |
idp.metadata.idpsso.mdui.displayname.<lang> | Display name for the IdP in the specified language. If this is absent for a language specified above then no <mdui:DisplayName> is emitted for that language. |
idp.metadata.idpsso.mdui.description.<lang> | Description for the IdP in the specified language. If this is absent for a language specified above then no <mdui:Description> is emitted for that language. |
Examples
Example Command Line
```
metadatagen +saml1 +sp --backChannel /opt/idp/credentials/idp-backchannel.crt --output myMetadata.xml
```
Example Property File
```
idp.metadata.dnsname=ushib.example.org
idp.metadata.backchannel.cert=/opt/idp/credentials/idp-backchannel.crt
idp.metadata.idpsso.mdui.langs=en fr de
idp.metadata.idpsso.mdui.displayname.fr=Université de Shibboleth
idp.metadata.idpsso.mdui.displayname.en=Shibboleth University
idp.metadata.idpsso.mdui.displayname.de=Universität Shibboleth
idp.metadata.idpsso.mdui.description.fr=UShib
idp.metadata.idpsso.mdui.description.de=UShib
idp.metadata.idpsso.mdui.description.en=UShib
idp.metadata.idpsso.mdui.logo.height=84
idp.metadata.idpsso.mdui.logo.width=75
idp.metadata.idpsso.mdui.logo.path=/the/to/path/logo.png
```
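Because missing MDUI properties silently produce placeholders or omitted elements, a property file can be checked against the fallback rules in the property table before running the tool. The following is an added example, not part of the plugin: the function names and the sample file are assumptions, and the parser handles plain key=value lines only.

```python
# Added example: pre-flight check using the fallback rules from the property table.
PREFIX = "idp.metadata.idpsso.mdui."

def parse_properties(text):
    """Minimal key=value parser (assumes no line continuations or escapes)."""
    props = {}
    for line in text.splitlines():
        line = line.strip()
        if not line or line[0] in "#!":
            continue
        key, sep, value = line.partition("=")
        if sep:
            props[key.strip()] = value.strip()
    return props

def review(props):
    """List what the generated MDUI will lack or carry as a placeholder."""
    findings = []
    if PREFIX + "logo.path" not in props:
        findings.append("logo.path unset: fixed path '/path/to/logo' is emitted")
    for dim in ("height", "width"):
        if f"{PREFIX}logo.{dim}" not in props:
            findings.append(f"logo.{dim} unset: defaults to 80")
    langs = props.get(PREFIX + "langs", "").split()
    if not langs:
        findings.append("langs unset: 'en' DisplayName/Description emitted, edit them")
    for lang in langs:
        for name, element in (("displayname", "DisplayName"), ("description", "Description")):
            if f"{PREFIX}{name}.{lang}" not in props:
                findings.append(f"{name}.{lang} unset: no <mdui:{element}> for '{lang}'")
    for key in props:  # values for languages that langs never looks up
        for name in ("displayname.", "description."):
            if key.startswith(PREFIX + name) and langs and key[len(PREFIX + name):] not in langs:
                findings.append(f"{key[len(PREFIX):]} set but language not in langs")
    return findings

# Constructed sample input, not taken from a real deployment.
SAMPLE = """\
idp.metadata.dnsname=ushib.example.org
idp.metadata.idpsso.mdui.langs=en fr
idp.metadata.idpsso.mdui.displayname.en=Shibboleth University
idp.metadata.idpsso.mdui.description.en=UShib
idp.metadata.idpsso.mdui.displayname.fr=Université de Shibboleth
idp.metadata.idpsso.mdui.displayname.de=Universität Shibboleth
idp.metadata.idpsso.mdui.logo.height=84
"""

if __name__ == "__main__":
    for finding in review(parse_properties(SAMPLE)):
        print("-", finding)
```

An empty result means every documented fallback is avoided; the generated metadata still needs review before publishing.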
...