...

  1. Choose the right metadata aggregate for your particular deployment
  2. Deploy and configure an automated metadata refresh process:
    1. Configure your metadata client
    2. Adjust your outbound firewall rules (if necessary)
    3. Verify the XML signature on downloaded metadata (see below)
    4. Validate the expiration date on downloaded metadata (see below)
Warning: Adjust your outbound firewall rules!

Don't forget to adjust your outbound firewall rules for all metadata endpoint locations.

Signature Verification

Federation metadata is signed for integrity and authenticity. Participants are strongly encouraged to verify the XML signature on the metadata file before use; failure to do so will seriously compromise the security of your SAML deployment.
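Step 4 of the refresh procedure, as an added example that is not part of the original page or of any federation's own tooling: a Python check of the `validUntil` attribute on the metadata root element, meant to run only on bytes whose XML signature has already been verified and found to cover that root element. The attribute name comes from the SAML metadata schema; the 14-day maximum validity window, the function names and the sample document are assumptions constructed for illustration.

```python
import xml.etree.ElementTree as ET
from datetime import datetime, timedelta, timezone

MD_NS = "urn:oasis:names:tc:SAML:2.0:metadata"
ROOT_TAGS = {f"{{{MD_NS}}}EntitiesDescriptor", f"{{{MD_NS}}}EntityDescriptor"}
MAX_VALIDITY = timedelta(days=14)  # assumption: local policy, not from the page

# Constructed sample aggregate (empty, for illustration only).
SAMPLE = (b'<md:EntitiesDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" '
          b'Name="urn:example:constructed" validUntil="2030-01-15T00:00:00Z"/>')


class MetadataExpiryError(Exception):
    """Raised when metadata must not be used because of its validity window."""


def parse_valid_until(value):
    """Parse an xs:dateTime value; a value without a zone is treated as UTC."""
    if value.endswith("Z"):
        value = value[:-1] + "+00:00"
    parsed = datetime.fromisoformat(value)
    return parsed if parsed.tzinfo else parsed.replace(tzinfo=timezone.utc)


def check_valid_until(xml_bytes, now=None, max_validity=MAX_VALIDITY):
    """Return validUntil if the metadata is usable, else raise MetadataExpiryError.

    Call this only after signature verification: validUntil is trustworthy
    only when the signature covers the root element that carries it.
    """
    now = now or datetime.now(timezone.utc)
    root = ET.fromstring(xml_bytes)
    if root.tag not in ROOT_TAGS:
        raise MetadataExpiryError(f"unexpected root element {root.tag}")
    raw = root.get("validUntil")
    if raw is None:
        # Fail closed: without validUntil an old signed copy could be replayed.
        raise MetadataExpiryError("root element has no validUntil")
    try:
        valid_until = parse_valid_until(raw)
    except ValueError as exc:
        raise MetadataExpiryError(f"unparseable validUntil {raw!r}") from exc
    if valid_until <= now:
        raise MetadataExpiryError(f"metadata expired at {valid_until.isoformat()}")
    if valid_until - now > max_validity:
        # An overly long window weakens the replay protection expiry provides.
        raise MetadataExpiryError("validUntil is further ahead than policy allows")
    return valid_until
```

On failure the refresh process should keep the last good copy and alert, rather than load the rejected file.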

...