101 lines
5.1 KiB
XML
101 lines
5.1 KiB
XML
|
<beans xmlns="http://www.springframework.org/schema/beans"
|
||
|
xmlns:context="http://www.springframework.org/schema/context"
|
||
|
xmlns:util="http://www.springframework.org/schema/util" xmlns:p="http://www.springframework.org/schema/p"
|
||
|
xmlns:c="http://www.springframework.org/schema/c" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
|
||
|
xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans.xsd
|
||
|
http://www.springframework.org/schema/context http://www.springframework.org/schema/context/spring-context.xsd
|
||
|
http://www.springframework.org/schema/util http://www.springframework.org/schema/util/spring-util.xsd"
|
||
|
|
||
|
default-init-method="initialize"
|
||
|
default-destroy-method="destroy">
|
||
|
|
||
|
<!-- Advanced configuration of services from HTTP.
|
||
|
|
||
|
To use an HTTP resource you first need to configure the Apache HttpClient which will be used
|
||
|
to communicate with the web server. Any HttpClient can be used, but two Factory Beans allow simple
|
||
|
configuration of in-memory or file-based caching clients.
|
||
|
|
||
|
Examples are:
|
||
|
|
||
|
A resource which will be supplied from an in-memory cache for as long as the file on the webserver does not change.
|
||
|
If the webserver becomes unavailable the resource will be unavailable.
|
||
|
|
||
|
<bean id="inMemoryResource" class="net.shibboleth.ext.spring.resource.HTTPResource"
|
||
|
c:client-ref="shibboleth.MemoryCachingHttpClient"
|
||
|
c:url="http://example.org/path/to/file.xml" />
|
||
|
|
||
|
Two resources which will be supplied from an on disk cache (suitable for multiple or large files) for as long
|
||
|
as the file on the webserver does not change. If the webserver becomes unavailable the last used contents
|
||
|
of the file will be returned (even if that was in a previous IdP lifetime).
|
||
|
|
||
|
<bean id="fileResource" class="net.shibboleth.ext.spring.resource.FileBackedHTTPResource"
|
||
|
c:client-ref="shibboleth.FileCachingHttpClient"
|
||
|
c:url="http://example.org/path/to/file.xml"
|
||
|
c:backingFile="/var/shibboleth/caches/resourcecache/file.xml"/>
|
||
|
|
||
|
<bean id="otherFileResource" class="net.shibboleth.ext.spring.resource.FileBackedHTTPResource"
|
||
|
c:client-ref="shibboleth.FileCachingHttpClient"
|
||
|
c:url="http://another.server.example.org/path/to/different/file.xml"
|
||
|
c:backingFile="/var/shibboleth/caches/resourcecache/differentFile.xml"/>
|
||
|
|
||
|
In all cases you should review the "idp.httpclient.*" properties defined in services.properties
|
||
|
-->
|
||
|
|
||
|
<!--
|
||
|
Otherwise by default we look at resources whose names are derived from %{idp.home}. Services not configured
|
||
|
using native Spring syntax also need to load the property-placeholder file in order to pull settings from
|
||
|
property sources.
|
||
|
-->
|
||
|
|
||
|
<!-- This set of resources supports a native Spring relying-party.xml file. -->
|
||
|
<util:list id="shibboleth.RelyingPartyResolverResources">
|
||
|
<value>%{idp.home}/conf/relying-party.xml</value>
|
||
|
<value>%{idp.home}/conf/credentials.xml</value>
|
||
|
<value>%{idp.home}/system/conf/relying-party-system.xml</value>
|
||
|
</util:list>
|
||
|
|
||
|
<!-- This set of resources supports a legacy 2.x relying-party.xml file. -->
|
||
|
<util:list id="shibboleth.LegacyRelyingPartyResolverResources">
|
||
|
<value>%{idp.home}/conf/relying-party.xml</value>
|
||
|
<value>%{idp.home}/system/conf/legacy-relying-party-defaults.xml</value>
|
||
|
</util:list>
|
||
|
|
||
|
<util:list id="shibboleth.MetadataResolverResources">
|
||
|
<value>%{idp.home}/conf/metadata-providers.xml</value>
|
||
|
<value>%{idp.home}/system/conf/metadata-providers-system.xml</value>
|
||
|
</util:list>
|
||
|
|
||
|
<util:list id ="shibboleth.AttributeResolverResources">
|
||
|
<value>%{idp.home}/conf/attribute-resolver.xml</value>
|
||
|
</util:list>
|
||
|
|
||
|
<util:list id ="shibboleth.AttributeFilterResources">
|
||
|
<value>%{idp.home}/conf/attribute-filter.xml</value>
|
||
|
</util:list>
|
||
|
|
||
|
<util:list id ="shibboleth.NameIdentifierGenerationResources">
|
||
|
<value>%{idp.home}/conf/saml-nameid.xml</value>
|
||
|
<value>%{idp.home}/system/conf/saml-nameid-system.xml</value>
|
||
|
</util:list>
|
||
|
|
||
|
<util:list id="shibboleth.AccessControlResources">
|
||
|
<value>%{idp.home}/conf/access-control.xml</value>
|
||
|
<value>%{idp.home}/system/conf/access-control-system.xml</value>
|
||
|
</util:list>
|
||
|
|
||
|
<util:list id="shibboleth.CASServiceRegistryResources">
|
||
|
<value>%{idp.home}/conf/cas-protocol.xml</value>
|
||
|
</util:list>
|
||
|
|
||
|
<!--
|
||
|
This collection of resources differs slightly in that it should not include the file extension.
|
||
|
Message sources are internationalized, and Spring will search for a compatible language extension
|
||
|
and fall back to one with only a .properties extension.
|
||
|
-->
|
||
|
<util:list id="shibboleth.MessageSourceResources">
|
||
|
<value>%{idp.home}/messages/messages</value>
|
||
|
<value>%{idp.home}/system/messages/messages</value>
|
||
|
</util:list>
|
||
|
|
||
|
</beans>
|