'Re: Question re: SP config to consume metadata'

[prev in list] [next in list] [prev in thread] [next in thread] 

List:       shibboleth-users
Subject:    Re: Question re: SP config to consume metadata
From:       David Bantz <dabantz () alaska ! edu>
Date:       2014-05-15 18:31:29
Message-ID: B1FE32D1-A451-4A9C-9AB6-F1F46D39C93E () gmx ! us
[Download RAW message or body]

[Attachment #2 (multipart/signed)]

[Attachment #4 (multipart/alternative)]


Closing the loop on this thread:

Tom’s Whitelist filter suggestion works (not surprisingly) to filter out the entities \
other than that listed, enabling the SP to consume/update my IdP metadata from signed \
InC metadata repository. 


<MetadataProvider type=“XML” 
	uri="http://md.incommon.org/InCommon/InCommon-metadata.xml"
	backingFilePath=“partner-metadata.xml”
	reloadInterval="7200”>
	<MetadataFilter type=“RequireValidUntil" maxValidityInterval="2419200”/>
	<MetadataFilter type="Signature" certificate="incommon.pem”/>
	<MetadataFilter type="Whitelist">
		<Include>my_idp_entityID_here</Include>
		</MetadataFilter>
</MetadataProvider>

This use appears adequately documented at 
https://wiki.shibboleth.net/confluence/display/SHIB2/NativeSPMetadataFilter#NativeSPMetadataFilter-WhitelistMetadataFilter


David Bantz
U Alaska


[Attachment #7 (unknown)]

<html><head><meta http-equiv="Content-Type" content="text/html \
charset=windows-1252"></head><body style="word-wrap: break-word; -webkit-nbsp-mode: \
space; -webkit-line-break: after-white-space;">Closing the loop on this \
thread:<div><br></div><div>Tom’s Whitelist filter suggestion works (not surprisingly) \
to filter out the entities other than that listed,</div><div>enabling the SP to \
consume/update my IdP metadata from signed InC metadata \
repository.&nbsp;</div><div><br></div><div><br></div><div><div>&lt;MetadataProvider \
type=“XML”&nbsp;</div><div><span class="Apple-tab-span" \
style="white-space:pre">	</span>uri="<a \
href="http://md.incommon.org/InCommon/InCommon-metadata.xml">http://md.incommon.org/InCommon/InCommon-metadata.xml</a>"<br><span \
class="Apple-tab-span" \
style="white-space:pre">	</span>backingFilePath=“partner-metadata.xml”</div><div><span \
class="Apple-tab-span" \
style="white-space:pre">	</span>reloadInterval="7200”&gt;</div><div><span \
class="Apple-tab-span" style="white-space:pre">	</span>&lt;MetadataFilter \
type=“RequireValidUntil"&nbsp;maxValidityInterval="2419200”/&gt;</div><div><span \
class="Apple-tab-span" style="white-space:pre">	</span>&lt;MetadataFilter \
type="Signature" certificate="incommon.pem”/&gt;<br></div><div><span \
class="Apple-tab-span" style="white-space:pre">	</span>&lt;MetadataFilter \
type="Whitelist"&gt;<br><span class="Apple-tab-span" \
style="white-space:pre">		</span>&lt;Include&gt;my_idp_entityID_here&lt;/Include&gt;</div><div><span \
class="Apple-tab-span" \
style="white-space:pre">		</span>&lt;/MetadataFilter&gt;<br></div><div>&lt;/MetadataProvider&gt;<br></div><div><br></div><div>This \
use appears adequately documented at&nbsp;</div><div><a \
href="https://wiki.shibboleth.net/confluence/display/SHIB2/NativeSPMetadataFilter#Nati \
veSPMetadataFilter-WhitelistMetadataFilter">https://wiki.shibboleth.net/confluence/dis \
play/SHIB2/NativeSPMetadataFilter#NativeSPMetadataFilter-WhitelistMetadataFilter</a></div><br>David \
Bantz</div><div>U Alaska</div></body></html>


["signature.asc" (signature.asc)]

-----BEGIN PGP SIGNATURE-----

iEYEARECAAYFAlN1CAEACgkQU016jx0ZXdUE+ACcChGxXtoAiaYPHLHi+iRSvSR4
6MYAni9dcbsynYdfjUgA/837c+QyhysY
=Bkua
-----END PGP SIGNATURE-----


--
To unsubscribe from this list send an email to users-unsubscribe@shibboleth.net

[prev in list] [next in list] [prev in thread] [next in thread]
Configure | About | News | Add a list | Sponsored by KoreLogic