The Incommon Federation wiki has moved.

Please visit the new InCommon Federation Library wiki for updated content. Remember to update your bookmarks.

Click in the link above if you are not automatically redirected in 15 seconds.

SimpleSAMLphp Metadata Configuration

SimpleSAMLphp includes a metarefresh module that will automatically refresh and verify federation metadata. The following example fetches the production metadata aggregate. See the Metadata Aggregates wiki page for other options.

Before you can verify the XML signature on a metadata aggregate, you need an authentic copy of the InCommon Metadata Signing Certificate. Do this first, before configuring simpleSAMLphp for metadata refresh.

The relevant portion of a sample configuration file (config-metarefresh.php) is shown below:

Configure the metarefresh module included with SimpleSAMLphp 1.11 (and later)
'incommon' => array(
	'cron'  => array('frequent'),
	'sources'   => array(
                    'src'   => '',
                    'certificates' => array(
                    'template' => array(
                        'tags'  => array('all', 'incommon'),
                        'authproc' => array(
                            51 => array('class' => 'core:AttributeMap', 'oid2name'),
	'expireAfter'       => 60*60*24*7, // Maximum 7 days cache time.
	'outputDir'     => 'metadata/metarefresh/incommon',
	'outputFormat' => 'flatfile',
#trackbackRdf ($trackbackUtils.getContentIdentifier($page) $page.title $trackbackUtils.getPingUrl($page))
  • No labels