...
- Download this project template setup and extract it
- Edit the included `pom.xml`
  - Fill in the `<groupId>`, `<artifactId>`, `<version>`, `<name>` elements (found as children of `<project>`)
  - Fill in the `<version>` element of the shibboleth-identityprovider dependency with the appropriate Shibboleth IdP version, e.g. "2.4.0" (found as a descendant of `<project>/<dependencies>/<dependency>`)
- Optionally, within `pom.xml`, uncomment some or all of the project metadata section at the bottom of the file and fill it in with the appropriate information
...
- Pick a namespace for the plugin. Do NOT use the `urn:mace:shibboleth` namespace.
- Create the schema file in `$PROJ_HOME/resources/schema`
  - Set the `targetNamespace` to the chosen namespace
  - Declare any Shibboleth namespaces that will be used via the customary `xmlns:PREFIX` attributes. At a minimum the namespace associated with the extension point must be declared.
  - Set the `elementFormDefault` attribute value to "qualified"
- Import the schema file that contains the plugin point being implemented. This is done with `<xsd:import namespace="SHIB_EXT_POINT_NAMESPACE" schemaLocation="classpath:/PATH/TO/YOUR/SCHEMA.xsd" />`. Shibboleth defines a special URL scheme, `classpath`, which ensures that the schema files are resolved from the classpath. No other resolution mechanism is allowed.
- Define the plugin type(s) and ensure they extend the appropriate Shibboleth type.
```xml
<schema targetNamespace="urn:mace:example.org:shibboleth:authn"
        xmlns="http://www.w3.org/2001/XMLSchema"
        xmlns:ph="urn:mace:shibboleth:2.0:idp:profile-handler"
        elementFormDefault="qualified">

    <!-- Import the schema that defines the extension point, resolved from the classpath -->
    <import namespace="urn:mace:shibboleth:2.0:idp:profile-handler"
            schemaLocation="classpath:/schema/shibboleth-2.0-idp-profile-handler.xsd" />

    <!-- Plugin type, extending the Shibboleth login handler type -->
    <complexType name="IPAddress">
        <complexContent>
            <extension base="ph:LoginHandlerType">
                <sequence>
                    <element name="IPEntry" type="string" maxOccurs="unbounded" />
                </sequence>
                <attribute name="username" type="string" />
            </extension>
        </complexContent>
    </complexType>
</schema>
```
...
The `spring.schemas` file tells Spring where to look for the schema file for a particular namespace. The format of the file is simply the XML namespace URI followed by an "=" followed by the location of the schema file within the JAR (i.e. `schema/FILE.xsd`). Do not include a preceding "/"; the files are not at the root of the filesystem.
```properties
urn\:mace\:example.org\:shibboleth\:authn = schema/authn.xsd
```
The `spring.handlers` file tells Spring which `NamespaceHandler` to use for a particular namespace. The format of the file is the XML namespace URI followed by an "=" followed by the fully qualified class name of the `NamespaceHandler` implementation.
```properties
urn\:mace\:example.org\:shibboleth\:authn = org.example.shibboleth.authn.config.AuthnNamespaceHandler
```
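A pre-packaging check for the rules above, as an added example that is not part of the original page or of Shibboleth: it verifies that the schema, `spring.schemas` and `spring.handlers` agree with each other and with the namespace, `classpath:` and leading-"/" rules. The names `parse_props` and `check_plugin` are hypothetical, the sample files are constructed from the examples on this page, and treating any namespace that starts with `urn:mace:shibboleth` as reserved is an assumption.

```python
import re
import xml.etree.ElementTree as ET

XS = "{http://www.w3.org/2001/XMLSchema}"
RESERVED = "urn:mace:shibboleth"  # assumption: any namespace with this prefix is reserved

def parse_props(text):
    """Parse spring.schemas/spring.handlers (Java properties): key ends at first unescaped '=', ':' or space."""
    out = {}
    for line in text.splitlines():
        m = re.match(r"\s*((?:\\.|[^\\=:\s])+)\s*[=:]?\s*(.*)", line)
        if m and not line.lstrip().startswith(("#", "!")):
            out[re.sub(r"\\(.)", r"\1", m.group(1))] = m.group(2).strip()
    return out

def check_plugin(xsd, spring_schemas, spring_handlers):
    """Return a list of problems; an empty list means the three files follow the rules."""
    problems = []
    root = ET.fromstring(xsd)
    ns = root.get("targetNamespace", "")
    if not ns or ns.startswith(RESERVED):
        problems.append("targetNamespace missing or inside reserved urn:mace:shibboleth")
    if root.get("elementFormDefault") != "qualified":
        problems.append("elementFormDefault is not 'qualified'")
    for imp in root.iter(XS + "import"):
        if not imp.get("schemaLocation", "").startswith("classpath:"):
            problems.append("import of %s does not use classpath:" % imp.get("namespace"))
    schemas, handlers = parse_props(spring_schemas), parse_props(spring_handlers)
    if ns not in schemas:
        problems.append("spring.schemas has no entry for " + ns)
    elif schemas[ns].startswith("/"):
        problems.append("spring.schemas location starts with '/'")
    if ns not in handlers:
        problems.append("spring.handlers has no entry for " + ns)
    return problems

# Constructed sample input, modelled on the files shown on this page.
XSD_OK = """<schema targetNamespace="urn:mace:example.org:shibboleth:authn"
  xmlns="http://www.w3.org/2001/XMLSchema" elementFormDefault="qualified">
  <import namespace="urn:mace:shibboleth:2.0:idp:profile-handler"
    schemaLocation="classpath:/schema/shibboleth-2.0-idp-profile-handler.xsd" />
</schema>"""
SCHEMAS_OK = r"urn\:mace\:example.org\:shibboleth\:authn = schema/authn.xsd"
HANDLERS_OK = (r"urn\:mace\:example.org\:shibboleth\:authn = "
               "org.example.shibboleth.authn.config.AuthnNamespaceHandler")

if __name__ == "__main__":
    print(check_plugin(XSD_OK, SCHEMAS_OK, HANDLERS_OK))
    # With the '\' escapes removed, the key is cut at the first ':' and the lookup fails.
    print(check_plugin(XSD_OK, SCHEMAS_OK.replace("\\", ""), HANDLERS_OK))
```

The second call shows why the colons in the namespace URI are written as `\:` in both files: without the escape, the properties parser ends the key at `urn`.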
...