The Shibboleth IdP V4 software has reached its End of Life and is no longer supported. This documentation is available for historical purposes only. See the IDP5 wiki space for current documentation on the supported version.
LocalDynamicMetadataProvider
Namespace: urn:mace:shibboleth:2.0:metadata
Schema: http://shibboleth.net/schema/idp/shibboleth-metadata.xsd
Overview
The LocalDynamicMetadataProvider
fetches metadata from a local source dynamically as needed. The deployer is responsible for populating the local source with data, which may be done while the metadata provider is running. New metadata will be seen automatically the first time it is requested.
Use this provider with local metadata
The LocalDynamicMetadataProvider
is used with local metadata. See the MetadataManagementBestPractices topic for more information.
A common use case will be to use a filesystem directory as the local source. A convenience attribute sourceDirectory
is supplied to facilitate this configuration. In this case, the deployer adds XML files each containing a single <md:EntityDescriptor>
element to the sourceDirectory
.
By default, when using a sourceDirectory
, the file naming convention will be the lower case hex-encoded SHA-1 digest of the entityID
, suffixed with ".xml". For example, the metadata for the entity with entityID
"urn:test:foobar" will be resolved from the sourceDirectory
with filename "d278c9975472a6b4827b1a8723192b4e99aa969c.xml".
Note that with the default entityID
digest mechanism, the digested value should not include any leading or trailing whitespace (in particular, no trailing new line character):
Example generating default source key with OpenSSL
$ echo -n "urn:test:foobar" | openssl sha1
d278c9975472a6b4827b1a8723192b4e99aa969c