The Shibboleth IdP V3 software has reached its End of Life and is no longer supported. This documentation is available for historical purposes only. See the IDP4 wiki space for current documentation on the supported version.
HTTPResource
The HTTP resource and the related File Backed HTTP Resource allow configuration to be retrieved from an web server. In contrast to the Spring UrlResource, significant control of the underlying Apache HttpClient library is available, such as:
- In-memory or file backed caching. This caching is at the HTTP client level and allows a reduction of the HTTP traffic since data is only loaded when it has gone out of date. These caches do not survive the lifetime of the HttpClient, and so are not available across IdP restarts.
- Connection timeouts and other connection-related configuration.
- Proxy information
- and so on
For details on some advanced usage, refer to the HttpClientConfiguration topic.
Notably, this feature does not at present support the security features that are described in that topic. This may be corrected in a future version. For the time being this feature only supports unauthenticated access to resources.
Configuring the HTTP Resource
The HTTP Resource is configured entirely via its constructor. The two parameters are the URL and an Apache HttpClient. Some built-in beans are provided to simplify use of the HttpClient, configured via properties detailed in the HttpClientConfiguration topic.
The File backed HTTP Resource provides file backup for when the web server is unavailable. Note that this file is orthogonal to the use of a file-backed HttpClient cache, which provides a local copy of up to date data when the web server can be contacted.
Simple Examples
The following simple examples rely on the default security behavior of the HttpClient. Use of more explicit security configuration is recommended, and examples of that can be found on the HttpClientConfiguration page.
A resource which will be supplied from an in-memory cache for as long as the file on the webserver does not change. If the webserver becomes unavailable the resource will be unavailable.
<bean id="inMemoryResource" class="net.shibboleth.ext.spring.resource.HTTPResource" c:client-ref="shibboleth.MemoryCachingHttpClient" c:url="http://example.org/path/to/file.xml" />
A resource which will be supplied from an on disk cache (suitable for multiple or large files) for as long as the file on the webserver does not change. If the webserver becomes unavailable the last used contents of the file will be returned (even if that was in a previous IdP lifetime)
<bean id="fileResource" class="net.shibboleth.ext.spring.resource.FileBackedHTTPResource" c:client-ref="shibboleth.FileCachingHttpClient" c:url="http://example.org/path/to/file.xml" c:backingFile="/var/shibboleth/caches/resourcecache/file.xml"/>
<bean id="fileResource" class="net.shibboleth.ext.spring.resource.FileBackedHTTPResource" c:client-ref="shibboleth.FileCachingHttpClient" c:url="http://example.org/path/to/file.xml" c:resource="/var/shibboleth/caches/resourcecache/file.xml"/>