
...

<SPConfig xmlns="urn:mace:shibboleth:2.0:native:sp:config" xmlns:conf="urn:mace:shibboleth:2.0:native:sp:config" xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" clockSkew="180"> <ApplicationDefaults entityID="https://example.com/shibboleth" REMOTE_USER="eppn persistent-id targeted-id" metadataAttributePrefix="Meta-"> <Sessions lifetime="28800" timeout="3600" relayState="ss:mem" checkAddress="false" handlerSSL="true" cookieProps="https"> <Logout>SAML2 Local</Logout> <Handler type="MetadataGenerator" Location="/Metadata" signing="false"/> <Handler type="Status" Location="/Status" acl="127.0.0.1 ::1"/> <Handler type="Session" Location="/Session" showAttributeValues="false"/> <Handler type="DiscoveryFeed" Location="/DiscoFeed"/> <md:AssertionConsumerService Location="/SAML2/POST" index="1" Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" conf:ignoreNoPassive="true" /> <SessionInitiator type="Chaining" Location="/Login" isDefault="true" id="default_ds" relayState="cookie"> <SessionInitiator type="SAML2" defaultACSIndex="1" acsByIndex="false" template="bindingTemplate.html"/> <SessionInitiator type="Shib1" defaultACSIndex="5"/> <SessionInitiator type="SAMLDS" URL="https://md.nordu.net/role/idp.ds"/> </SessionInitiator> </Sessions>
titleswamid-apache-shibboleth2.xml without comments and examples
<SPConfig xmlns="urn:mace:shibboleth:2.0:native:sp:config"
    xmlns:conf="urn:mace:shibboleth:2.0:native:sp:config"
    xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion"
    xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol"    
    xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata"
    clockSkew="180">
    <ApplicationDefaults entityID="https://swamidsp.example.org"
                         REMOTE_USER="eppn persistent-id targeted-id">

        <Sessions lifetime="28800" timeout="3600" relayState="ss:mem"
                  checkAddress="false" handlerSSL="true" cookieProps="http">

            <Logout>SAML2 Local</Logout>

	<SessionInitiator type="Chaining" Location="/DS/Login" id="swamid-ds-default" relayState="cookie">
	   <SessionInitiator type="SAML2" defaultACSIndex="1" acsByIndex="false" template="bindingTemplate.html"/>
	   <SessionInitiator type="Shib1" defaultACSIndex="5"/>
	   <SessionInitiator type="SAMLDS" URL="https://md.nordu.net/role/idp.ds"/>
	</SessionInitiator>

            <md:AssertionConsumerService Location="/SAML2/POST" index="1"
                Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST"
                conf:ignoreNoPassive="true"/>

            <Handler type="MetadataGenerator" Location="/Metadata" signing="false"/>
            <Handler type="Status" Location="/Status" acl="127.0.0.1 ::1"/>
            <Handler type="Session" Location="/Session" showAttributeValues="false"/>
            <Handler type="DiscoveryFeed" Location="/DiscoFeed"/>

            <md:ArtifactResolutionService Location="/Artifact/SOAP" index="1"
                Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP"/>

        </Sessions>

        <Errors supportContact="webmaster@example.org"
            helpLocation="/about.html"
            styleSheet="/shibboleth-sp/main.css"/>

        <MetadataProvider 
                type="XML" 
                uri="http://md.swamid.se/md/swamid-idp-transitive.xml"
                backingFilePath="swamid-testing-idp.xml" reloadInterval="300">
             <SignatureMetadataFilter certificate="swamid-signer.crt"/>
 		</MetadataProvider>

       <AttributeExtractor type="XML" validate="true" reloadChanges="false" path="attribute-map.xml"/>

        <AttributeResolver type="Query" subjectMatch="true"/>

        <AttributeFilter type="XML" validate="true" path="attribute-policy.xml"/>

        <CredentialResolver type="File" key="sp-key.pem" certificate="sp-cert.pem"/>
    </ApplicationDefaults>
    <SecurityPolicyProvider type="XML" validate="true" path="security-policy.xml"/>

    <ProtocolProvider type="XML" validate="true" reloadChanges="false" path="protocols.xml"/>

</SPConfig>
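Review bot: `cookieProps="http"` on the `<Sessions>` element of the multi-line listing leaves the SP session cookie without the Secure attribute even though `handlerSSL="true"` is set, so a browser may send it on a plain-HTTP request to the same host; the single-line variant of the config on this page uses `cookieProps="https"`, and unless the service must serve session-protected content over HTTP the listing should keep `cookieProps="https"`. The added/removed markers are lost in this rendering, so which of the two variants is the current one is only inferred from the code-block titles. Separately, the `<MetadataProvider>` loads federation metadata over `http://` and relies on `<SignatureMetadataFilter>` alone; a signature check does not stop an on-path party from serving an older, still validly signed copy, so consider adding `<MetadataFilter type="RequireValidUntil" maxValidityInterval="SECONDS"/>` (placeholder value) inside the provider. The `backingFilePath` name (`swamid-testing-idp.xml`) also does not match the feed named in `uri`, which deserves a rename or a short comment.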
titleold-swamid-apache-shibboleth2.xml

 

...

This example assumes that http://example.com/about leads to some form of help page and that webmaster@example.com is the right contact address for your service. Change according to taste.

...