Created
August 9, 2011 22:02
-
-
Save srkirkland/1135314 to your computer and use it in GitHub Desktop.
Shibbleth2 xml config for url (using test shib)
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <Attributes xmlns="urn:mace:shibboleth:2.0:attribute-map" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"> | |
| <Attribute name="urn:oid:1.3.6.1.4.1.5923.1.1.1.6" id="eppn"> | |
| <AttributeDecoder xsi:type="ScopedAttributeDecoder"/> | |
| </Attribute> | |
| <Attribute name="urn:oid:1.3.6.1.4.1.5923.1.1.1.9" id="affiliation"> | |
| <AttributeDecoder xsi:type="ScopedAttributeDecoder" caseSensitive="false"/> | |
| </Attribute> | |
| <Attribute name="urn:oid:0.9.2342.19200300.100.1.3" id="mail"/> | |
| <Attribute name="urn:oid:2.16.840.1.113730.3.1.241" id="displayName"/> | |
| </Attributes> |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <SPConfig xmlns="urn:mace:shibboleth:2.0:native:sp:config" | |
| xmlns:conf="urn:mace:shibboleth:2.0:native:sp:config" | |
| xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" | |
| xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" | |
| xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" | |
| clockSkew="180"> | |
| <InProcess logger="native.logger"> | |
| <ISAPI normalizeRequest="true" safeHeaderNames="true"> | |
| <Site id="1" name="dev.caes.ucdavis.edu"/> | |
| </ISAPI> | |
| </InProcess> | |
| <RequestMapper type="Native"> | |
| <RequestMap> | |
| <Host name="dev.caes.ucdavis.edu"> | |
| <Path name="shibtest/account" authType="shibboleth" requireSession="true"/> | |
| </Host> | |
| </RequestMap> | |
| </RequestMapper> | |
| <ApplicationDefaults entityID="https://dev.caes.ucdavis.edu/shibboleth" REMOTE_USER="eppn"> | |
| <Sessions lifetime="28800" timeout="3600" checkAddress="false" relayState="ss:mem" handlerSSL="false"> | |
| <SSO entityID="urn:mace:incommon:ucdavis.edu">SAML2 SAML1</SSO> | |
| <Logout>SAML2 Local</Logout> | |
| <Handler type="MetadataGenerator" Location="/Metadata" signing="false"/> | |
| <Handler type="Status" Location="/Status" acl="127.0.0.1 ::1 169.237.11.128 169.237.11.230 169.237.124.225 169.237.124.41"/> | |
| <Handler type="Session" Location="/Session" showAttributeValues="true"/> | |
| <Handler type="DiscoveryFeed" Location="/DiscoFeed"/> | |
| </Sessions> | |
| <Errors supportContact="[email protected]" logoLocation="/shibboleth-sp/logo.jpg" styleSheet="/shibboleth-sp/main.css"/> | |
| <MetadataProvider type="Chaining" precedence="first"> | |
| <MetadataProvider type="XML" uri="http://wayf.incommonfederation.org/InCommon/InCommon-metadata.xml" backingFilePath="InCommon-metadata.xml" reloadInterval="7200"> | |
| <MetadataFilter type="RequireValidUntil" maxValidityInterval="2419200"/> | |
| <MetadataFilter type="Signature" certificate="incommon.pem"/> | |
| <MetadataFilter type="EntityRoleWhiteList"> | |
| <RetainedRole>md:IDPSSODescriptor</RetainedRole> | |
| </MetadataFilter> | |
| </MetadataProvider> | |
| </MetadataProvider> | |
| <AttributeExtractor type="XML" validate="true" path="attribute-map.xml"/> | |
| <AttributeResolver type="Query" subjectMatch="true"/> | |
| <AttributeFilter type="XML" validate="true" path="attribute-policy.xml"/> | |
| <CredentialResolver type="File" key="sp-key.pem" certificate="sp-cert.pem"/> | |
| </ApplicationDefaults> | |
| <SecurityPolicyProvider type="XML" validate="true" path="security-policy.xml"/> | |
| <ProtocolProvider type="XML" validate="true" reloadChanges="false" path="protocols.xml"/> | |
| </SPConfig> |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment