Page History
...
| Code Block | ||||
|---|---|---|---|---|
| ||||
<?php
$config = array(
'sets' => array(
'aconet' => array(
'cron' => array('hourly', 'daily'),
'sources' => array(
array(
#'blacklist' => array(
# 'https://openidp.aco.net/saml',
#),
#'whitelist' => array(
# 'http://some.uni/idp',
# 'http://some.other.uni/idp',
#),
'conditionalGET' => TRUE,
'src' => 'http://eduid.at/md/aconet-registered.xml',
'certificates' => array('aconet-metadata-signing.crt'),
'types' => array('saml20-idp-remote'),
),
),
'expireAfter' => 60*60*24*3, // Maximum 3 days cache time
'outputDir' => 'metadata/aconetfederation/',
'outputFormat' => 'flatfile',
),
),
); |
That way the eduID.at metadata will be put into files within a separate sub-directory of the default metadata directory, leaving the existing files in the default metadata directory for other, manually managed entities. In order for SimpleSAMLphp to find these files you'll have to adjust its metadata configuration by adding another metadata source location:
| Code Block | ||||
|---|---|---|---|---|
| ||||
'metadata.sources' => array(
array('type' => 'flatfile'),
array('type' => 'flatfile', 'directory' => 'metadata/aconetfederation/'), // add this line!
), |
TBD: Setting For setting up the required cron module please follow the upstream documentation for now.
SAML SP details
By default there's no easy way to process persistent SAML NameIDs the same way as SAML attributes. Using an authproc filter like the one below fixes this:
...
Overview
Content Tools
Tasks