Overview

This service provides the system "status" in a free-form textual manner.  For more details (and programmatically useful) data the Metrics administrative flow should be used.

The underlying web interface, which is managed as an AdministrativeConfiguration, looks like this:

http[s]://localhost/status

The same thing on the command line would be:

$ /opt/shibboleth-idp/bin/status.sh

Reference

V4.0 and upgraded systems include a bean defined in conf/admin/general-admin.xml to control aspects of the flow's behavior.

V4.1 includes properties to control various aspects of the flow's behavior using an internally-defined bean that may be overridden if required.

The general properties configuring this flow via admin/admin.properties are:

NameDefaultDescription
idp.status.loggingStatusAudit log identifier for flow
idp.status.accessPolicyAccessByIPAddressName of access control policy for request authorization
idp.status.authenticatedfalseWhether authentication should be performed prior to access control evaluation
idp.status.nonBrowserSupportedfalseWhether the flow should allow for non-browser clients during authentication
idp.status.resolveAttributesfalseWhether attributes should be resolved prior to access control evaluation

To replace the internally defined flow descriptor bean, the following XML is required:

<util:list id="shibboleth.AvailableAdminFlows">
 
    <bean parent="shibboleth.AdminFlow"
        c:id="http://shibboleth.net/ns/profiles/status"
        p:loggingId="%{idp.status.logging:Status}"
        p:policyName="%{idp.status.accessPolicy:AccessByIPAddress}"
        p:nonBrowserSupported="%{idp.status.nonBrowserSupported:false}"
        p:authenticated="%{idp.status.authenticated:false}"
        p:resolveAttributes="%{idp.status.resolveAttributes:false}" />
 
</util:list>

In older versions and upgraded systems, this list is defined in conf/admin/general-admin.xml. In V4.1+, no default version of the list is provided and it may simply be placed in conf/global.xml if needed.