The Shibboleth IdP V3 software has reached its End of Life and is no longer supported. This documentation is available for historical purposes only. See the IDP4 wiki space for current documentation on the supported version.

Skip to end of metadata
Go to start of metadata

You are viewing an old version of this page. View the current version.

Compare with Current View Page History

« Previous Version 4 Next »

The HTTP resource and the related File Backed HTTP Resource allow configuration to be retrieved from an web server.  In contrast to the Spring UrlResource, significant control of the underlying Apache HttpClient is available.  For instance the following can be controlled:

  • In-memory or file backed caching.  This caching is at the HTTP client level.  It allows a reduction of the HTTP traffic since data is only loaded when it has gone out of date.  These caches do not survive the lifetime of the HttpClient, and in particular they are not available when the IdP restarts.
  • Connection timeouts and other connection-related configuration.
  • Proxy information
  • Security and certificate information.
  • and so on

Configuring the HTTP Resource

The HTTP Resource is configured entirely via its constructor.  The two parameters are the URL and an Apache HttpClient.  An in memory caching factory bean and a file caching factory bean are provided to simplify construction of the HttpClient.

The File backed HTTP Resource provides file backup for when the web server is unavailable. Note that this file is a orthogonal to the use of a file backed HttpClient cache, which provides a local copy of up to date data when the web server can be contacted.

Examples

A resource which will be supplied from an in-memory cache for as long as the file on the webserver does not change.  If the webserver becomes unavailable the resource will be unavailable.

<bean id="inMemoryClient" 
      class="net.shibboleth.idp.profile.spring.relyingparty.metadata.InMemoryCachingHttpClientFactoryBean"
      p:maxCacheEntries="1"
      p:connectionTimeout="PT3M" />

<bean id="inMemoryResource" class="net.shibboleth.ext.spring.resource.HTTPResource"
      c:client-ref="inMemoryClient" 
      c:url="http://example.org/path/to/file.xml" />

A resource which will be supplied from an on disk cache (suitable for multiple or large files) for as long as the file on the webserver does not change.  If the webserver becomes unavailable the last used contents of the file will be returned (even if that was in a previous IdP lifetime)

<bean id="fileClient" 
      class="net.shibboleth.idp.profile.spring.relyingparty.metadata.FileCachingHttpClientFactoryBean"
      p:maxCacheEntries="3000"
      p:cacheDirectory="/var/shibboleth/caches/httpcache"/>
        
<bean id="fileResource" class="net.shibboleth.ext.spring.resource.FileBackedHTTPResource"
      c:client-ref="fileClient" 
      c:url="http://example.org/path/to/file.xml" 
      c:resource="/var/shibboleth/caches/resourcecache/file.xml"/>

In this example /var/shibboleth/caches/httpcache is a directory in which all the resources served via the HttpClient "fileClient" are cached.  These cached resources are only available for the lifetime of the HttpClient.

In contrast /var/shibboleth/caches/resourcecache/file.xml is a file which contains the most recent version of the resource.  If the Webserver example.org becomes unreachable, then the resource will be supplied from the contents of this file

  • No labels