
Title: swamid-apache-shibboleth2.xml without comments and examples
<SPConfig xmlns="urn:mace:shibboleth:3.0:native:sp:config"
    xmlns:conf="urn:mace:shibboleth:3.0:native:sp:config"
    xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion"
    xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol"    
    xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata"
    clockSkew="180">
    <ApplicationDefaults entityID="https://swamidsp.example.org/shibboleth"
                         REMOTE_USER="eppn persistent-id targeted-id"
                         metadataAttributePrefix="Meta-">

        <Sessions lifetime="28800" timeout="3600" relayState="ss:mem"
                  redirectLimit="exact"
                  checkAddress="false" handlerSSL="true" cookieProps="http" sameSiteFallback="true">

            <Logout>SAML2 Local</Logout>

            <SessionInitiator type="Chaining" Location="/DS/Login" id="swamid-ds-default" relayState="cookie">
                <SessionInitiator type="SAML2" acsIndex="1" acsByIndex="false" template="bindingTemplate.html"/>
                <SessionInitiator type="Shib1" acsIndex="5"/>
                <SessionInitiator type="SAMLDS" URL="https://service.seamlessaccess.org/ds/"/>
            </SessionInitiator>

            <md:AssertionConsumerService Location="/SAML2/POST" index="1"
                Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST"
                conf:ignoreNoPassive="true"/>

            <Handler type="MetadataGenerator" Location="/Metadata" signing="false"/>
            <Handler type="Status" Location="/Status" acl="127.0.0.1 ::1"/>
            <Handler type="Session" Location="/Session" showAttributeValues="false"/>
            <Handler type="DiscoveryFeed" Location="/DiscoFeed"/>

            <md:ArtifactResolutionService Location="/Artifact/SOAP" index="1"
                Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP"/>

        </Sessions>

        <Errors supportContact="webmaster@example.org"
            helpLocation="/about.html"
            styleSheet="/shibboleth-sp/main.css"/>

        <MetadataProvider type="MDQ" id="mdq.swamid.se"  <MetadataProvider 
ignoreTransport="true" cacheDirectory="mdq.swamid.se"
                    typebaseUrl="XML" https://mds.swamid.se/">
            <MetadataFilter    url="https://mds.swamid.se/md/swamid-idp-transitive.xml"type="Signature" certificate="md-signer2.crt"/>
            <MetadataFilter    backingFilePathtype="swamid-idp-transitive.xmlRequireValidUntil" reloadIntervalmaxValidityInterval="144002419200"/>
        </MetadataProvider>

        <MetadataFilter type="Signature" certificate="md-signer2.crt" verifyBackup="false" />
 		</MetadataProvider>

<!-- "Old" way -->
        <!--
        <MetadataProvider 
               <AttributeExtractor type="XML" validate="true" reloadChanges="false" path="attribute-map.xml"/>

 
            <AttributeExtractor type="Metadata" errorURL="errorURL" DisplayName="displayName" registrationAuthorityurl="registrationAuthority"/>

https://mds.swamid.se/md/swamid-idp-transitive.xml"
          <AttributeResolver type="Query" subjectMatch="true"/>

      backingFilePath="swamid-idp-transitive.xml" reloadInterval="14400">
            <AttributeFilter<MetadataFilter type="XMLSignature" validatecertificate="truemd-signer2.crt" pathverifyBackup="attribute-policy.xmlfalse" />
 		</MetadataProvider>
        <CredentialResolver type="File" key="sp-key.pem" certificate="sp-cert.pem"/>
-->

         </ApplicationDefaults>
    <SecurityPolicyProvider <AttributeExtractor type="XML" validate="true" reloadChanges="false" path="securityattribute-policymap.xml"/>

        <ProtocolProvider<AttributeExtractor type="XMLMetadata" validateerrorURL="trueerrorURL" reloadChangesDisplayName="falsedisplayName" pathregistrationAuthority="protocols.xmlregistrationAuthority"/>

</SPConfig>        <AttributeResolver type="Query" subjectMatch="true"/>

        <AttributeFilter type="XML" validate="true" path="attribute-policy.xml"/>

        <CredentialResolver type="File" key="sp-key.pem" certificate="sp-cert.pem"/>
    </ApplicationDefaults>
    <SecurityPolicyProvider type="XML" validate="true" path="security-policy.xml"/>

    <ProtocolProvider type="XML" validate="true" reloadChanges="false" path="protocols.xml"/>

</SPConfig>
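Review bot: `cookieProps="http"` on the `<Sessions>` element leaves the SP session cookie without the `secure` flag even though `handlerSSL="true"` on the same element restricts the handlers to TLS; for an HTTPS-only service the Shibboleth SP value is `cookieProps="https"`, which emits `secure` together with `HttpOnly`. The same attribute appears in both IIS code blocks below, whose `<Site>` element is declared with `scheme="https" port="443"`, so the change applies there too. Suggested line: `checkAddress="false" handlerSSL="true" cookieProps="https" sameSiteFallback="true">`. This rendering interleaves the old and new versions of the block, so which version carries the value is inferred from the text that repeats on both sides.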


Title: swamid-IIS-shibboleth2.xml
<SPConfig xmlns="urn:mace:shibboleth:3.0:native:sp:config"
    xmlns:conf="urn:mace:shibboleth:3.0:native:sp:config"
    xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion"
    xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol"    
    xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata"
    clockSkew="180">

    <InProcess logger="native.logger">
        <ISAPI normalizeRequest="true" safeHeaderNames="true">
            <Site id="1" name="swamidsp.example.org" scheme="https" port="443"/>
        </ISAPI>
    </InProcess>

    <RequestMapper type="Native">
        <RequestMap>
            <Host name="swamidsp.example.org">
                <Path name="myswamidapp" requireSession="true"  authType="shibboleth"/>
            </Host>
        </RequestMap>
    </RequestMapper>

    <ApplicationDefaults entityID="https://swamidsp.example.org/shibboleth"
                         REMOTE_USER="eppn persistent-id targeted-id"
               
Title: swamid-IIS-shibboleth2.xml
<SPConfig xmlns="urn:mace:shibboleth:3.0:native:sp:config"
    xmlns:conf="urn:mace:shibboleth:3.0:native:sp:config"
    xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion"
    xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol"    
    xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata"
    clockSkew="180">

    <InProcess logger="native.logger">
        <ISAPI normalizeRequest="true" safeHeaderNamesmetadataAttributePrefix="trueMeta-">
            <Site id<Sessions lifetime="128800" nametimeout="swamidsp.example.org3600" schemerelayState="https" port="443"/>
ss:mem"
         </ISAPI>
    </InProcess>

    <RequestMapper typeredirectLimit="Nativeexact">
               <RequestMap>
       checkAddress="false" handlerSSL="true" cookieProps="http" sameSiteFallback="true">

        <Host name="swamidsp.example.org">
   <Logout>SAML2 Local</Logout>

            <Path<SessionInitiator nametype="myswamidappChaining" requireSessionLocation="true/DS/Login"  authTypeid="swamid-ds-default" relayState="shibbolethcookie"/>
            </Host>
        </RequestMap>
    </RequestMapper>

    <ApplicationDefaults entityID="https://swamidsp.example.org/shibboleth"<SessionInitiator type="SAML2" acsIndex="1" acsByIndex="false" template="bindingTemplate.html"/>
                <SessionInitiator     type="Shib1" acsIndex="5"/>
    REMOTE_USER="eppn persistent-id targeted-id"
           <SessionInitiator type="SAMLDS" URL="https://service.seamlessaccess.org/ds/"/>
            metadataAttributePrefix="Meta-">
</SessionInitiator>

          <Sessions lifetime="28800" timeout="3600" relayState="ss:mem  <md:AssertionConsumerService Location="/SAML2/POST" index="1"
                  redirectLimit="exact"
                  checkAddress="false" handlerSSL="true" cookieProps="http" sameSiteFallback="true">

Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST"
               <Logout>SAML2 Local</Logout> conf:ignoreNoPassive="true"/>

            <SessionInitiator<Handler type="ChainingMetadataGenerator" Location="/DS/LoginMetadata" idsigning="swamid-ds-default" relayState="cookie"false"/>
               <SessionInitiator<Handler type="SAML2Status" acsIndexLocation="1" acsByIndex="false/Status" templateacl="bindingTemplate.html127.0.0.1 ::1"/>

            <Handler    <SessionInitiator type="Shib1" acsIndex="5type="Session" Location="/Session" showAttributeValues="false"/>

              <Handler  <SessionInitiator type="SAMLDSDiscoveryFeed" URLLocation="https://service.seamlessaccess.org/ds//DiscoFeed"/>

            </SessionInitiator>
 
            <md:AssertionConsumerServiceArtifactResolutionService Location="/SAML2Artifact/POSTSOAP" index="1"
                Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POSTSOAP"/>
                conf:ignoreNoPassive="true"/></Sessions>

            <Handler type="MetadataGenerator" Location="/Metadata" signing="false"/>
 <Errors supportContact="webmaster@example.org"
           <Handler type="Status" Location helpLocation="/Status" acl="127.0.0.1 ::1"/>

about.html"
            <Handler typestyleSheet="Session" Location="/Session" showAttributeValues="false"/>

            <Handler type="DiscoveryFeed" Location="/DiscoFeed"/>
/shibboleth-sp/main.css"/>

        <MetadataProvider type="MDQ" id="mdq.swamid.se" ignoreTransport="true" cacheDirectory="mdq.swamid.se"
            
            <md:ArtifactResolutionService LocationbaseUrl="https:/Artifact/SOAP" index="1"/mds.swamid.se/">
            <MetadataFilter    Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAPtype="Signature" certificate="md-signer2.crt"/>
        </Sessions>

    <MetadataFilter    <Errors supportContact="webmaster@example.org"
   type="RequireValidUntil" maxValidityInterval="2419200"/>
        </MetadataProvider>

        <!-- helpLocation="/about.html"
  "Old" way -->
          styleSheet="/shibboleth-sp/main.css"/>

       <!--
          <MetadataProvider 
                type="XML" 
                url="https://mds.swamid.se/md/swamid-idp-transitive.xml"
                backingFilePath="swamid-idp-transitive.xml" reloadInterval="14400">
            <MetadataFilter type="Signature" certificate="md-signer2.crt" verifyBackup="false" />
        </MetadataProvider>
        -->

        <AttributeExtractor type="XML" validate="true" reloadChanges="false" path="attribute-map.xml"/>          

        <AttributeExtractor type="Metadata" errorURL="errorURL" DisplayName="displayName" registrationAuthority="registrationAuthority"/>

        <AttributeResolver type="Query" subjectMatch="true"/>

        <AttributeFilter type="XML" validate="true" path="attribute-policy.xml"/>

        <CredentialResolver type="File" use="signing"
            key="sp-signing-key.pem" certificate="sp-signing-cert.pem"/>
        <CredentialResolver type="File" use="encryption"
            key="sp-encrypt-key.pem" certificate="sp-encrypt-cert.pem"/>

    </ApplicationDefaults>

    <SecurityPolicyProvider type="XML" validate="true" path="security-policy.xml"/>

    <ProtocolProvider type="XML" validate="true" reloadChanges="false" path="protocols.xml"/>

</SPConfig>
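Review bot: The two `CredentialResolver` elements at the end of `<ApplicationDefaults>` split the SP key material into `use="signing"` and `use="encryption"` pairs, while the Apache example on this page uses a single `<CredentialResolver type="File" key="sp-key.pem" certificate="sp-cert.pem"/>` for both roles, and nothing on the page says whether the split is IIS-specific or the newer recommendation. A reader copying between the two examples cannot tell which layout to follow, and the file names differ as well. A comment above the resolvers would settle it, e.g. `<!-- Separate signing and encryption credentials; the Apache example on this page uses one key pair for both roles -->`. The section is an interleaved rendering of two page versions, so the attribution of these lines to the newer version is inferred.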
