SimpleSAMLphp Metadata Configuration
SimpleSAMLphp includes a metarefresh module that will automatically refresh and verify InCommon metadata. The relevant portion of a sample config-metarefresh.php configuration file is shown below:
Configure the metarefresh module included with SimpleSAMLphp 1.11 (and later)
'incommon' => array( 'cron' => array('frequent'), 'sources' => array( array( // See https://spaces.at.internet2.edu/display/InCCollaborate/Phase+1+Implementation+Plan // Changed by visser@terena.org on 19 Dec 2013 'src' => 'http://md.incommon.org/InCommon/InCommon-metadata.xml', // curl -s http://md.incommon.org/certs/inc-md-cert.pem | openssl x509 -noout -fingerprint 'validateFingerprint' => '7D:B4:BB:28:D3:D5:C8:52:E0:80:B3:62:43:2A:AF:34:B2:A6:0E:DD', 'template' => array( 'tags' => array('all', 'incommon'), 'authproc' => array( 51 => array('class' => 'core:AttributeMap', 'oid2name'), ), 'redirect.sign' => TRUE, 'metadata.sign.enable' => TRUE, ), // We already have a ProtectNetwork entry in the guest options 'blacklist' => array( 'urn:mace:incommon:idp.protectnetwork.org', ), ), ), 'outputDir' => 'metadata/metarefresh/incommon', 'outputFormat' => 'flatfile', ),