Versions Compared

Old Version 15

changes.mady.by.user Rod Widdowson

Saved on

compared with

New Version Current

changes.mady.by.user shopkins@ed.ac.uk

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.
Comment: Corrected descriptions of minRefreshDelay and maxRefreshDelay.

...

  • certicateFile - If specified, this is the path to a certificate file. This certificate is used to validate the signature on the root element of the incoming metadata. The filter will prevent loading of the metadata if it fails validation or if there is no certificate present.
  • maxValidityInterval - If specified, this value is used to ensure that the metadata contains a validUntil attribute on the root of the metadata. This ensures that old metadata, which may contain entities which have been removed/revoked, is not used. If the value is "0" then it specifies the interval, in seconds, from now within which the validUntil date must fall. A value of zero indicates no upper limit.
  • refreshDelayFactor (added in v1.2) - an number between 0.0 and 1.0, exclusive, used to determine the next metadata refresh cycle based on the current metadata's cache expiration time (default value: 0.75), see the IdP Documentation for more details.
  • minRefreshDelay (added in v1.2) - a lower bound on the frequency of the minimum interval between successive metadata refresh cycles operations given in XML duration notation (default value: PT5M), see the IdP Documentation for more details.
  • maxRefreshDelay (added in v1.2) - an upper bound on the frequency of  the maximum interval between successive metadata refresh cycles given in XML duration notation (default value: PT4H), see the IdP Documentation for more details.

...

Code Block
xml
xml
titleExample Metadata Declarations

<MetadataProvider
     displayName="Local Federation"
     identifier="FileFed"
     url="file:///etc/DiscoveryService/metadata/sites.xml"/>

<MetadataProvider
     displayName="UK Federation"
     identifier="UkFed"
     certicateFile="/etc/metadata/ukfederation.pem"
     maxValidityInterval = "P7D"      
     backingFile="/etc/metadata/ukfed_store.xml"
     url="http://metadata.ukfederation.org.uk/ukfederation-metadata.xml"/>

...

Code Block
xml
xml
titleExample Discovery Service declarations

<DiscoveryServiceHandler [...]>
   <Federation identifier="UkFed"/>
   [...]
</DiscoveryServiceHandler>

...

Code Block
xml
xml
titleExample Metadata Filters declaration

<MetadataProvider [...]>
   <Filter identifier="Filter1"
      type="uk.ac.ed.sdss.FilterForStuff">
      <MoreSpecificStuff
          param="wibble"
      />
   </Filter>
   <Filter identifier="Filter2"
      type="edu.internet2.OtherFilter">
      <Stuff>
         <EvenMoreStuff/>
      </Stuff>
   </Filter>
</MetadataProvider>

...

Code Block
xml
xml
titleExample Black List filter


<Filter identifier="Black" 
        type="edu.internet2.middleware.shibboleth.wayf.plugins.provider.ListFilter"
        excludeEntries="true">
  <EntityId>https://first.blacklisted.entity.edu/IdP</EntityId>
  <EntityId>https://another.blacklisted.entity.edu/IdP</EntityId>
</Filter>

...