Page tree

Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.
Comment: Published by Scroll Versions from space federationedit and version 2.9

SimpleSAMLphp includes a metarefresh module that will automatically refresh and verify federation metadata. The following example fetches the production metadata aggregate. See the Download InCommon metadata wiki page for other options.

Before you can verify the XML signature on a metadata aggregate, you need an authentic copy of the InCommon Metadata signing certificate. Do this first, before configuring simpleSAMLphp for metadata refresh.

The relevant portion of a sample configuration file (config-metarefresh.php) is shown below:

Code Block
languagePHP
titleConfigure the metarefresh module included with SimpleSAMLphp 1.11 (and later)
'incommon' => array(
	'cron'  => array('frequent'),
	'sources'   => array(
                array(
                    'src'   => 'http://md.incommon.org/InCommon/InCommon-metadata.xml',
                    'certificates' => array(
                        'incommon.crt',
                    ),
                    'template' => array(
                        'tags'  => array('all', 'incommon'),
                        'authproc' => array(
                            51 => array('class' => 'core:AttributeMap', 'oid2name'),
                        ),
                    ),
                ),
            ),
	'expireAfter'       => 60*60*24*7, // Maximum 7 days cache time.
	'outputDir'     => 'metadata/metarefresh/incommon',
	'outputFormat' => 'flatfile',
),

Related content

Content by Label
showLabelsfalse
max10
showSpacefalse
cqllabel in ("metadata","metadata-aggregate","simplesamlphp") and space = "federation"


Get help

Can't find what you are looking for?

Button Hyperlink
iconhelp
titleAsk the community
typeprimary
urlask-the-community