123 lines
6.6 KiB
XML
123 lines
6.6 KiB
XML
<?xml version="1.0" encoding="UTF-8"?>
|
|
<beans xmlns="http://www.springframework.org/schema/beans"
|
|
xmlns:context="http://www.springframework.org/schema/context"
|
|
xmlns:util="http://www.springframework.org/schema/util" xmlns:p="http://www.springframework.org/schema/p"
|
|
xmlns:c="http://www.springframework.org/schema/c" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
|
|
xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans.xsd
|
|
http://www.springframework.org/schema/context http://www.springframework.org/schema/context/spring-context.xsd
|
|
http://www.springframework.org/schema/util http://www.springframework.org/schema/util/spring-util.xsd"
|
|
|
|
default-init-method="initialize"
|
|
default-destroy-method="destroy">
|
|
|
|
<bean id="shibboleth.DefaultErrorView" class="java.lang.String" c:_0="%{idp.errors.defaultView:error}" />
|
|
|
|
<!-- Map local events to alternate view templates. -->
|
|
<util:map id="shibboleth.EventViewMap">
|
|
<!-- <entry key="EventToChange" value="viewname" /> -->
|
|
</util:map>
|
|
|
|
<!--
|
|
Map of events to trap and handle with local views, without returning to SPs.
|
|
The map values are flags indicating whether to write an audit log record.
|
|
-->
|
|
<util:map id="shibboleth.LocalEventMap">
|
|
<entry key="ContextCheckDenied" value="true" />
|
|
<entry key="ImpersonationViolation" value="true" />
|
|
<entry key="AttributeReleaseRejected" value="true" />
|
|
<entry key="TermsRejected" value="true" />
|
|
<entry key="RuntimeException" value="false" />
|
|
<entry key="InvalidEvent" value="false" />
|
|
<!--
|
|
<entry key="IdentitySwitch" value="false" />
|
|
<entry key="NoPotentialFlow" value="false" />
|
|
-->
|
|
</util:map>
|
|
|
|
<!-- Mappings of error events during requests to SAML status codes and SOAP fault codes. -->
|
|
|
|
<util:map id="shibboleth.SAML1StatusMappings">
|
|
<entry key="InvalidMessageVersion" value-ref="shibboleth.SAML1Status.VersionMismatch" />
|
|
|
|
<entry key="UnableToDecode" value-ref="shibboleth.SAML1Status.Requester" />
|
|
|
|
<entry key="UnableToEncode" value-ref="shibboleth.SAML1Status.Requester" />
|
|
|
|
<entry key="MessageReplay" value-ref="shibboleth.SAML1Status.Requester" />
|
|
<entry key="MessageExpired" value-ref="shibboleth.SAML1Status.Requester" />
|
|
<entry key="MessageAuthenticationError" value-ref="shibboleth.SAML1Status.Requester" />
|
|
|
|
<entry key="RequestUnsupported" value-ref="shibboleth.SAML1Status.Requester" />
|
|
|
|
<entry key="NoPassive" value-ref="shibboleth.SAML1Status.Requester" />
|
|
<entry key="NoPotentialFlow" value-ref="shibboleth.SAML1Status.Requester" />
|
|
<entry key="NoCredentials" value-ref="shibboleth.SAML1Status.Requester" />
|
|
<entry key="InvalidCredentials" value-ref="shibboleth.SAML1Status.Requester" />
|
|
<entry key="AccountError" value-ref="shibboleth.SAML1Status.Requester" />
|
|
<entry key="IdentitySwitch" value-ref="shibboleth.SAML1Status.Requester" />
|
|
<entry key="AuthenticationException" value-ref="shibboleth.SAML1Status.Requester" />
|
|
|
|
<entry key="InvalidSubject" value-ref="shibboleth.SAML1Status.Requester" />
|
|
<entry key="SubjectCanonicalizationError" value-ref="shibboleth.SAML1Status.Requester" />
|
|
</util:map>
|
|
|
|
<util:map id="shibboleth.SAML2StatusMappings">
|
|
<entry key="InvalidMessageVersion" value-ref="shibboleth.SAML2Status.VersionMismatch" />
|
|
|
|
<entry key="UnableToDecode" value-ref="shibboleth.SAML2Status.RequestUnsupported" />
|
|
|
|
<entry key="UnableToEncode" value-ref="shibboleth.SAML2Status.UnsupportedBinding" />
|
|
|
|
<entry key="MessageReplay" value-ref="shibboleth.SAML2Status.RequestDenied" />
|
|
<entry key="MessageExpired" value-ref="shibboleth.SAML2Status.RequestDenied" />
|
|
<entry key="MessageAuthenticationError" value-ref="shibboleth.SAML2Status.RequestDenied" />
|
|
|
|
<entry key="RequestUnsupported" value-ref="shibboleth.SAML2Status.NoAuthnContext" />
|
|
|
|
<entry key="NoPassive" value-ref="shibboleth.SAML2Status.NoPassive" />
|
|
|
|
<entry key="NoPotentialFlow" value-ref="shibboleth.SAML2Status.AuthnFailed" />
|
|
<entry key="NoCredentials" value-ref="shibboleth.SAML2Status.AuthnFailed" />
|
|
<entry key="InvalidCredentials" value-ref="shibboleth.SAML2Status.AuthnFailed" />
|
|
<entry key="AccountError" value-ref="shibboleth.SAML2Status.AuthnFailed" />
|
|
<entry key="IdentitySwitch" value-ref="shibboleth.SAML2Status.AuthnFailed" />
|
|
<entry key="AuthenticationException" value-ref="shibboleth.SAML2Status.AuthnFailed" />
|
|
|
|
<entry key="InvalidSubject" value-ref="shibboleth.SAML2Status.UnknownPrincipal" />
|
|
<entry key="SubjectCanonicalizationError" value-ref="shibboleth.SAML2Status.UnknownPrincipal" />
|
|
<entry key="SessionNotFound" value-ref="shibboleth.SAML2Status.UnknownPrincipal" />
|
|
|
|
<entry key="InvalidNameIDPolicy" value-ref="shibboleth.SAML2Status.InvalidNameIDPolicy" />
|
|
|
|
<entry key="ChannelBindingsError" value-ref="shibboleth.SAML2Status.ChannelBindingsError" />
|
|
</util:map>
|
|
|
|
<util:map id="shibboleth.SOAPFaultCodeMappings">
|
|
<entry key="InvalidMessageVersion" value-ref="shibboleth.SOAP.VersionMismatch" />
|
|
|
|
<entry key="UnableToDecode" value-ref="shibboleth.SOAP.Client" />
|
|
|
|
<entry key="MessageReplay" value-ref="shibboleth.SOAP.Client" />
|
|
<entry key="MessageExpired" value-ref="shibboleth.SOAP.Client" />
|
|
<entry key="MessageAuthenticationError" value-ref="shibboleth.SOAP.Client" />
|
|
|
|
<entry key="RequestUnsupported" value-ref="shibboleth.SOAP.Client" />
|
|
|
|
<entry key="NoPassive" value-ref="shibboleth.SOAP.Client" />
|
|
|
|
<entry key="NoPotentialFlow" value-ref="shibboleth.SOAP.Client" />
|
|
<entry key="NoCredentials" value-ref="shibboleth.SOAP.Client" />
|
|
<entry key="InvalidCredentials" value-ref="shibboleth.SOAP.Client" />
|
|
<entry key="AccountError" value-ref="shibboleth.SOAP.Client" />
|
|
<entry key="AuthenticationException" value-ref="shibboleth.SOAP.Client" />
|
|
|
|
<entry key="InvalidSubject" value-ref="shibboleth.SOAP.Client" />
|
|
<entry key="SubjectCanonicalizationError" value-ref="shibboleth.SOAP.Client" />
|
|
|
|
<entry key="InvalidNameIDPolicy" value-ref="shibboleth.SOAP.Client" />
|
|
|
|
<entry key="ChannelBindingsError" value-ref="shibboleth.SOAP.Client" />
|
|
</util:map>
|
|
|
|
</beans>
|