You are viewing an old version of this page. View the current version.
Compare with Current
View Page History
Version 1
Current »
Namespace: urn:mace:shibboleth:2.0:metadata
Schema: http://shibboleth.net/schema/idp/shibboleth-metadata.xsd
The ChainingMetadataProvider
is a container for an ordered sequence of metadata providers of any type. When conducting a search, the metadata resolver consults each child provider in the order in which it is listed. See the parent topic for a detailed description of the search ordering algorithm used by the metadata resolver.
XML Attributes
Name | Type | Req? | Description |
---|
id | String | Y | Identifier for logging, identification for command line reload, etc. |
xsi:type | String | Y | Must be set to "ChainingMetadataProvider" |
XML Elements
Name | Cardinality | Description |
---|
<MetadataProvider> | 0 or more | An ordered sequence of metadata providers of any type (except the ChainingMetadataProvider type) |
Here is a brief summary of the examples in this section:
Example 1: A traditional configuration using FilesystemMetadataProvider
for local metadata and FileBackedHTTPMetadataProvider
for federation metadata
Example 2: A "no touch" configuration using LocalDynamicMetadataProvider
for local metadata and FileBackedHTTPMetadataProvider
for federation metadata
Example 3: A completely dynamic configuration using LocalDynamicMetadataProvider
for local metadata and DynamicHTTPMetadataProvider
for federation metadata
The following example illustrates one or more providers of type FilesystemMetadataProvider
followed by a single FileBackedHTTPMetadataProvider
:
Example 1: A traditional configuration
<MetadataProvider id="chain" xsi:type="ChainingMetadataProvider">
<!--
One or more providers of type FilesystemMetadataProvider for local metadata.
Each metadata provider describes a static entity descriptor stored in a file.
-->
<MetadataProvider id="LocalMetadata" xsi:type="FilesystemMetadataProvider" ...>
<!-- ... -->
</MetadataProvider>
<!--
Exactly one provider of type FileBackedHTTPMetadataProvider for federation metadata.
The metadata provider automatically refreshes a metadata aggregate (EntitiesDescriptor)
which would otherwise expire.
-->
<MetadataProvider id="FederationMetadata" xsi:type="FileBackedHTTPMetadataProvider" ...>
<!-- ... -->
</MetadataProvider>
</MetadataProvider>
In the above example, local metadata is loaded before externally resolved federation metadata. This prevents federation metadata from accidentally overriding local metadata sources.
The following example is similar to the previous example except that multiple providers of type FilesystemMetadataProvider
have been replaced with a single LocalDynamicMetadataProvider
:
Example 2: A "no touch" configuration
<MetadataProvider id="chain" xsi:type="ChainingMetadataProvider">
<!--
Exactly one provider of type LocalDynamicMetadataProvider for local metadata.
The metadata provider configures a source directory containing one or more
static entity descriptors.
-->
<MetadataProvider id="LocalMetadata" xsi:type="LocalDynamicMetadataProvider" ...>
<!-- ... -->
</MetadataProvider>
<!--
Exactly one provider of type FileBackedHTTPMetadataProvider for federation metadata.
The metadata provider automatically refreshes a metadata aggregate (EntitiesDescriptor)
which would otherwise expire.
-->
<MetadataProvider id="FederationMetadata" xsi:type="FileBackedHTTPMetadataProvider" ...>
<!-- ... -->
</MetadataProvider>
</MetadataProvider>
In the above example, all local metadata is handled by a single LocalDynamicMetadataProvider
. In this way, new local metadata may be added to the system without touching the configuration.
The following example is similar to the previous example except that the provider of type FileBackedHTTPMetadataProvider
has been replaced with a DynamicHTTPMetadataProvider
:
Example 3: A completely dynamic configuration
<MetadataProvider id="chain" xsi:type="ChainingMetadataProvider">
<!--
Exactly one provider of type LocalDynamicMetadataProvider for local metadata.
The metadata provider configures a source directory containing one or more
static entity descriptors.
-->
<MetadataProvider id="LocalMetadata" xsi:type="LocalDynamicMetadataProvider" ...>
<!-- ... -->
</MetadataProvider>
<!--
Exactly one provider of type DynamicHTTPMetadataProvider for federation metadata.
Individual entity descriptors are fetched dynamically as needed from a metadata
query server.
-->
<MetadataProvider id="FederationMetadata" xsi:type="DynamicHTTPMetadataProvider" ...>
<!-- ... -->
</MetadataProvider>
</MetadataProvider>
In the above example, federation metadata is sourced as needed (i.e., dynamically). This avoids having to load a large metadata aggregate.