...
SimpleSAMLphp includes a metarefresh module that will automatically refresh and verify federation metadata. The following example fetches the production metadata aggregate. See the Metadata Aggregates wiki page for other options.
...
| Code Block | ||||
|---|---|---|---|---|
| ||||
'incommon' => array(
'cron' => array('frequent'),
'sources' => array(
array(
// See https://spaces.at.internet2.edu/display/InCCollaborate/Phase+1+Implementation+Plan
// Changed by visser@terena.org on 19 Dec 2013
'src' => 'http://md.incommon.org/InCommon/InCommon-metadata.xml',
// curl -s http://md.incommon.org/certs/inc-md-cert.pem | openssl x509 -sha1 -noout -fingerprint
'validateFingerprint' => '7D:B4:BB:28:D3:D5:C8:52:E0:80:B3:62:43:2A:AF:34:B2:A6:0E:DD',
'template' => array(
'tags' => array('all', 'incommon'),
'authproc' => array(
51 => array('class' => 'core:AttributeMap', 'oid2name'),
),
'redirect.sign' => TRUE,
'metadata.sign.enable' => TRUE,
),
// We already have a ProtectNetwork entry in the guest options
'blacklist' => array(
'urn:mace:incommon:idp.protectnetwork.org',
),
),
),
'outputDir' => 'metadata/metarefresh/incommon',
'outputFormat' => 'flatfile',
),
|