...
webapp
Contains the contents which will be included into the war. There must be at least one jar file contained inside webapp\WEB-INF\lib and the jar files in that folder must implement exactly one service of type net.shibboleth.idp.plugin.IdPPlugin
bootstrap
This folder:
MUST contain a file called plugin.properties.
This should be a property file with at least one property, "plugin.id".
The ID is used to locate the default truststore that verifies the GPG signature. The trust store will reside within a folder, named after the plugin ID, nested inside the IdP's credentials folder, e.g., idp.home/credentials/<pluginid>/truststore.asc
It must match the plugin ID that the plugin identifies itself with. By convention, plugin IDs are associated with the package name of the plugin to ensure uniqueness.
MAY contain a file called keys.txt being the public key(s) used to sign the distribution. This enables the plugin installer to perform a one-time, "leap of faith" credentials check, and thereafter to prevent use of an unauthorized key.
Packages 5.2
This folder contains any other
tar.gzor.zipfiles which the plugin installer will unpack. See below
Building a Plugin
Given the constraints above you can use any mechanism you chose to build a plugin. However the format of the archive (and its signature) is conducive to being created automatically by maven and the IdP distribution contains support classes for constructing the service.
...