This is a tool for exercising the metadata configuration of an SP installation and performing the kinds of queries against the metadata that the SP itself performs during its operation.

Various parameters can be used to specify the query to perform. The output, if successful, is the XML associated with the metadata returned. Failure results in console-directed log messages and a negative return code.

The following general parameters are supported:

-e	entityID to lookup
-a	optional applicationId to use in acquiring metadata from SP configuration, if other than "default"
-nostrict	optional, allows expired metadata to be used

Optionally, additional parameters may be used to drill down to the role level:

-r	name of the role element/type to lookup
-ns	XML namespace of the role element/type to lookup (defaults to the SAML 2.0 metadata namespace)
-p	a protocolSupportEnumeration value to use in finding the signer's role
-saml10	shortcut for "-p urn:oasis:names:tc:SAML:1.0:protocol"
-saml11	shortcut for "-p urn:oasis:names:tc:SAML:1.1:protocol"
-saml2	shortcut for "-p urn:oasis:names:tc:SAML:2.0:protocol"
-idp	shortcut for "-r IDPSSODescriptor"
-sp	shortcut for "-r SPSSODescriptor"
-aa	shortcut for "-r AttributeAuthorityDescriptor"
-pdp	shortcut for "-r PDPDescriptor"

Browser not supported