The Incommon Federation wiki has moved.

Please visit the new InCommon Federation Library wiki for updated content. Remember to update your bookmarks.

Click in the link above if you are not automatically redirected in 15 seconds.



You are viewing an old version of this page. View the current version.

Compare with Current View Page History

Version 1 Next »

SimpleSAMLphp Metadata Configuration

SimpleSAMLphp includes a metarefresh module that will automatically refresh and verify InCommon metadata. The relevant portion of a sample config-metarefresh.php configuration file is shown below:

Configure the metarefresh module included with SimpleSAMLphp 1.11 (and later)
'incommon' => array(
	'cron'  => array('frequent'),
	'sources'   => array(
		array(
			// See https://spaces.at.internet2.edu/display/InCCollaborate/Phase+1+Implementation+Plan
			// Changed by visser@terena.org on 19 Dec 2013
			'src'   => 'http://md.incommon.org/InCommon/InCommon-metadata.xml',
			// curl -s http://md.incommon.org/certs/inc-md-cert.pem  | openssl x509 -noout -fingerprint
			'validateFingerprint' => '7D:B4:BB:28:D3:D5:C8:52:E0:80:B3:62:43:2A:AF:34:B2:A6:0E:DD',
			'template'  => array(
				'tags'  => array('all', 'incommon'),
				'authproc'  => array(
					51  => array('class' => 'core:AttributeMap', 'oid2name'),
				),
				'redirect.sign'     => TRUE,
				'metadata.sign.enable' => TRUE,
			),
			// We already have a ProtectNetwork entry in the guest options
			'blacklist' => array(
				'urn:mace:incommon:idp.protectnetwork.org',
			),
		),
	),
	'outputDir' =>  'metadata/metarefresh/incommon',
	'outputFormat'  => 'flatfile',
),
#trackbackRdf ($trackbackUtils.getContentIdentifier($page) $page.title $trackbackUtils.getPingUrl($page))
  • No labels