honeymoose/OpenSearch
1
0
Fork 0
mirror of https://github.com/honeymoose/OpenSearch.git synced 2025-03-03 09:29:11 +00:00
Code Issues Packages Projects Releases Wiki Activity
OpenSearch/x-pack/test/idp-fixture/idp/shibboleth-idp/conf/metadata-providers.xml
Ioannis Kakavas b8733eab00 Replace Vagrant with Docker for idp-fixture (#39948) 
The change replaces the Vagrant box based fixture with a fixture
based on docker compose and 2 docker images, one for an openldap
server and one for a Shibboleth SAML Identity Provider.

The configuration of both openldap and shibboleth is identical to
the previous one, in order to minimize required changes in the
tests
2019-03-13 08:30:03 +02:00

79 lines
4.1 KiB
XML
Raw Blame History

<?xml version="1.0" encoding="UTF-8"?>
<!-- This file is an EXAMPLE metadata configuration file. -->
<MetadataProvider id="ShibbolethMetadata" xsi:type="ChainingMetadataProvider"
xmlns="urn:mace:shibboleth:2.0:metadata"
xmlns:resource="urn:mace:shibboleth:2.0:resource"
xmlns:security="urn:mace:shibboleth:2.0:security"
xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="urn:mace:shibboleth:2.0:metadata http://shibboleth.net/schema/idp/shibboleth-metadata.xsd
urn:mace:shibboleth:2.0:resource http://shibboleth.net/schema/idp/shibboleth-resource.xsd
urn:mace:shibboleth:2.0:security http://shibboleth.net/schema/idp/shibboleth-security.xsd
urn:oasis:names:tc:SAML:2.0:metadata http://docs.oasis-open.org/security/saml/v2.0/saml-schema-metadata-2.0.xsd">
<!-- ========================================================================================== -->
<!-- Metadata Configuration -->
<!-- -->
<!-- Below you place the mechanisms which define how to load the metadata for SP(s) you will -->
<!-- provide service to. -->
<!-- -->
<!-- Two examples are provided. The Shibboleth Documentation at -->
<!-- https://wiki.shibboleth.net/confluence/display/IDP30/MetadataConfiguration -->
<!-- provides more details. -->
<!-- -->
<!-- NOTE. This file SHOULD NOT contain the metadata for this IdP. -->
<!-- ========================================================================================== -->
<!--
Example HTTP metadata provider. Use this if you want to download the metadata
from a remote source.
You *MUST* provide the SignatureValidationFilter in order to function securely.
Get the public key certificate from the party publishing the metadata, and validate
it with them via some out of band mechanism (e.g., a fingerprint on a secure page).
The EntityRoleWhiteList saves memory by only loading metadata from SAML roles
that the IdP needs to interoperate with.
-->
<!--
<MetadataProvider id="HTTPMetadata"
xsi:type="FileBackedHTTPMetadataProvider"
backingFile="%{idp.home}/metadata/localCopyFromXYZHTTP.xml"
metadataURL="http://WHATEVER">
<MetadataFilter xsi:type="SignatureValidation" certificateFile="%{idp.home}/credentials/metaroot.pem" />
<MetadataFilter xsi:type="RequiredValidUntil" maxValidityInterval="P30D"/>
<MetadataFilter xsi:type="EntityRoleWhiteList">
<RetainedRole>md:SPSSODescriptor</RetainedRole>
</MetadataFilter>
</MetadataProvider>
-->
<!--
Example file metadata provider. Use this if you want to load metadata
from a local file. You might use this if you have some local SPs
which are not "federated" but you wish to offer a service to.
If you do not provide a SignatureValidation filter, then you have the
responsibility to ensure that the contents on disk are trustworthy.
-->
<!--
<MetadataProvider id="LocalMetadata" xsi:type="FilesystemMetadataProvider" metadataFile="PATH_TO_YOUR_METADATA"/>
-->
<!--
Example CAS metadata source.
-->
<!--
<MetadataProvider id="CasMetadata"
xsi:type="FilesystemMetadataProvider"
metadataFile="PATH_TO_YOUR_METADATA"
indexesRef="shibboleth.CASMetadataIndices" />
-->
</MetadataProvider>
Reference in New Issue View Git Blame Copy Permalink