The SAML Metadata Configuration Manager (MCM) is built as a Java Spring Boot ( https://spring.io/projects/spring-boot ) application. It can be run as a standalone web application that has Tomcat embedded in it. The same WAR file can be deployed into an external servlet container (standalone Tomcat etc). It can also be deployed using a Docker image. And in the Docker realm, the project also provides a full "testbed environment" that includes a database, an IdP, a LDAP server, etc.
Deployment Considerations
The principal output from the Shib IDP UI application are XML files. Metadata provider records in the UI correspond to MetadataConfiguration resources, which contain pointers to the actual entity metadata to consume. Metadata source records in the UI define individual entities, and each entity corresponds to a single XML file defining its metadata. The entity files are generally to be used with a LocalDynamicMetadataProvider, and the entity file names follow its convention of lower case hex-encoded SHA-1 digest of the entityID, suffixed with ".xml" The locations in the filesystem to save the output are defined by UI application properties, and have no defaults. See {Configuration} for details on how to define these.
The IDP reads metadata provider and entity metadata from these files, so they must be accessible by the IDP. There are a number of ways these files can get from the UI to the IDP:
- UI running as a web application on the same server as the IDP, and saved to local filesystem
- Shared filesystem between the UI and the IDP
- Git push/pull jobs
- file transfer jobs
Requirements
- The MCM requires a relational database for persistent storage. Out of the box you can run the application using an in memory database to get familiar with the application but you will need a permanent data store in order to retain configurations
- Java 11+ - the Docker version of the deployment includes the needed Java environment to run the application
Downloads
- WAR releases available at: https://github.internet2.edu/TIER/shib-idp-ui/releases
- Docker image available at: https://hub.docker.com/r/i2incommon/shib-idp-ui/tags