LocalDynamicMetadataProvider

Overview

Identified by type="LocalDynamic", this MetadataProvider loads metadata on-demand from the local file system using a filename convention based on the SHA-1 hash of the entityID of the IdP.

The sourceDirectory XML attribute is also required, to identify the directory to load from.

The deployer is responsible for populating a directory with metadata files, and this may be done while the SP is in operation. New metadata will be seen automatically the first time it is requested after being added to the directory.

This plugin is optimized to track the last modification time of any metadata file it loads and skips unnecessary reprocessing if a file hasn't been modified, so it can be tuned for very frequent refresh attempts if desired, to minimize the time needed to apply changes.

Each file should contain exactly one <EntityDescriptor> and the name of the file should be the lowercase hex-encoded SHA-1 hash of the entityID within that metadata.

Example generating filename with OpenSSL
$ echo -n "https://idp.example.org/idp/shibboleth" | openssl sha1
1bec942a9ca29787c26924440ad4cb8208f9b9e4

Note that it is often unnecessary to apply filters such as signature or validity constraints to a local directory of metadata because it is typically curated by hand, but it is certainly possible to do so.
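A hand-curated directory can still drift from the naming convention described above. The following audit script is an added example, not part of the original page or of the Shibboleth code base. The function names (expected_name, audit_directory, demo) and the sample entityIDs are constructed for illustration, and ignoring any file extension when comparing names is an assumption.

```python
import hashlib
import tempfile
import xml.etree.ElementTree as ET
from pathlib import Path

MD_NS = "urn:oasis:names:tc:SAML:2.0:metadata"

def expected_name(entity_id: str) -> str:
    """Lowercase hex SHA-1 of the entityID, as the naming convention requires."""
    return hashlib.sha1(entity_id.encode("utf-8")).hexdigest()

def audit_directory(source_dir) -> dict:
    """Map each file name to 'ok' or to how it deviates from the convention."""
    results = {}
    for path in sorted(Path(source_dir).iterdir()):
        if not path.is_file():
            continue
        try:
            root = ET.parse(path).getroot()
        except ET.ParseError:
            results[path.name] = "not well-formed XML"
            continue
        # Exactly one EntityDescriptor per file means it must be the root element.
        if root.tag != f"{{{MD_NS}}}EntityDescriptor":
            results[path.name] = "root is not a single EntityDescriptor"
            continue
        want = expected_name(root.get("entityID", ""))
        # Only the hash part of the name is compared; an extension is ignored (assumption).
        results[path.name] = "ok" if path.stem == want else f"name should be {want}"
    return results

def demo() -> dict:
    """Audit a temporary directory of constructed sample metadata."""
    doc = '<EntityDescriptor xmlns="%s" entityID="%s"/>'
    group = '<EntitiesDescriptor xmlns="%s"><EntityDescriptor entityID="%s"/></EntitiesDescriptor>'
    good, other = "https://idp.example.org/idp/shibboleth", "https://old.example.org/idp"
    with tempfile.TemporaryDirectory() as d:
        d = Path(d)
        (d / expected_name(good)).write_text(doc % (MD_NS, good))
        # Constructed mistake: name hashed from a differently-cased entityID.
        (d / expected_name(good.upper())).write_text(doc % (MD_NS, good))
        (d / "aggregate").write_text(group % (MD_NS, other))
        return audit_directory(d)

if __name__ == "__main__":
    for name, verdict in demo().items():
        print(name, "->", verdict)
```

Pointing audit_directory at the real sourceDirectory before or after adding files shows which entries match the hash of the entityID they contain.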

Reference

The type="LocalDynamic" attribute must be present.

The following attribute MUST also be present:

Name             Type    Req?  Description
sourceDirectory  string  Y     Specifies the directory to access for metadata

Example

LocalDynamic Metadata Source
<MetadataProvider type="LocalDynamic" sourceDirectory="localDynamicDir"/>