mirror of
https://github.com/honeymoose/OpenSearch.git
synced 2025-03-01 16:39:11 +00:00
b8733eab00
The change replaces the Vagrant box based fixture with a fixture based on docker compose and 2 docker images, one for an openldap server and one for a Shibboleth SAML Identity Provider. The configuration of both openldap and shibboleth is identical to the previous one, in order to minimize required changes in the tests
69 lines
3.5 KiB
XML
69 lines
3.5 KiB
XML
<?xml version="1.0" encoding="UTF-8"?>
|
|
<beans xmlns="http://www.springframework.org/schema/beans"
|
|
xmlns:context="http://www.springframework.org/schema/context"
|
|
xmlns:util="http://www.springframework.org/schema/util"
|
|
xmlns:p="http://www.springframework.org/schema/p"
|
|
xmlns:c="http://www.springframework.org/schema/c"
|
|
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
|
|
xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans.xsd
|
|
http://www.springframework.org/schema/context http://www.springframework.org/schema/context/spring-context.xsd
|
|
http://www.springframework.org/schema/util http://www.springframework.org/schema/util/spring-util.xsd"
|
|
|
|
default-init-method="initialize"
|
|
default-destroy-method="destroy">
|
|
|
|
<!--
|
|
NOTE: if you're using a legacy relying-party.xml file from a V2 configuration, this file is ignored.
|
|
|
|
This defines the signing and encryption key and certificate pairs referenced by your relying-party.xml
|
|
configuration. You don't normally need to touch this, unless you have advanced requirements such as
|
|
supporting multiple sets of keys for different relying parties, in which case you may want to define
|
|
all your credentials here for convenience.
|
|
-->
|
|
|
|
<!--
|
|
The list of ALL of your IdP's signing credentials. If you define additional signing credentials,
|
|
for example for specific relying parties or different key types, make sure to include them within this list.
|
|
-->
|
|
<util:list id="shibboleth.SigningCredentials">
|
|
<ref bean="shibboleth.DefaultSigningCredential" />
|
|
</util:list>
|
|
|
|
<!-- Your IdP's default signing key, set via property file. -->
|
|
<bean id="shibboleth.DefaultSigningCredential"
|
|
class="net.shibboleth.idp.profile.spring.factory.BasicX509CredentialFactoryBean"
|
|
p:privateKeyResource="%{idp.signing.key}"
|
|
p:certificateResource="%{idp.signing.cert}"
|
|
p:entityId-ref="entityID" />
|
|
|
|
<!-- Your IdP's default client TLS credential, by default the same as the default signing credential. -->
|
|
<alias alias="shibboleth.DefaultClientTLSCredential" name="shibboleth.DefaultSigningCredential" />
|
|
|
|
<!--
|
|
The list of ALL of your IdP's encryption credentials. By default this is just an alias
|
|
for 'shibboleth.DefaultEncryptionCredentials'. It could be re-defined as
|
|
a list with additional credentials if needed.
|
|
-->
|
|
<alias alias="shibboleth.EncryptionCredentials" name="shibboleth.DefaultEncryptionCredentials" />
|
|
|
|
<!-- Your IdP's default encryption (really decryption) keys, set via property file. -->
|
|
<util:list id="shibboleth.DefaultEncryptionCredentials">
|
|
<bean class="net.shibboleth.idp.profile.spring.factory.BasicX509CredentialFactoryBean"
|
|
p:privateKeyResource="%{idp.encryption.key}"
|
|
p:certificateResource="%{idp.encryption.cert}"
|
|
p:entityId-ref="entityID" />
|
|
|
|
<!--
|
|
For key rollover, uncomment and point to your original keypair, and use the one above
|
|
to point to your new keypair. Once metadata has propagated, comment this one out again.
|
|
-->
|
|
<!--
|
|
<bean class="net.shibboleth.idp.profile.spring.factory.BasicX509CredentialFactoryBean"
|
|
p:privateKeyResource="%{idp.encryption.key.2}"
|
|
p:certificateResource="%{idp.encryption.cert.2}"
|
|
p:entityId-ref="entityID" />
|
|
-->
|
|
</util:list>
|
|
|
|
</beans>
|