  1. Identity Provider
  2. IDP-820

Usage of %{idp.home}/metadata/idp-metadata.xml should be more explicit

    Details

    • Type: Improvement
    • Status: Closed
    • Priority: Minor
    • Resolution: Fixed
    • Affects Version/s: None
    • Fix Version/s: 3.2.0
    • Component/s: Metadata
    • Labels:
      None

      Description

      By default %{idp.home}/metadata/idp-metadata.xml is publicly accessible, which I don't think is widely recognized.
      The file path is referred to in two pages, but mainly as an auto-generated file during installation. The second page has the words "You should modify ..." but does not describe why.
      https://wiki.shibboleth.net/confluence/display/IDP30/Configuration
      https://wiki.shibboleth.net/confluence/display/CONCEPT/MetadataForIdP

      Though more documentation may be enough, I'd suggest the file path appears explicitly in idp.properties:
      
      
      idp.entityID.metadataFile = %{idp.home}/metadata/idp-metadata.xml

      If this property is not defined (as is the case of pre 3.2) the path should be defaulted.
      
      Furthermore, this property can be made empty to disable this functionality (i.e. publishing own metadata through entityID URL).
      

      idp.entityID.metadataFile =

      
      

      What do you think about this property?

              People

              Assignee:
              cantor.2@osu.edu Scott Cantor
              Reporter:
              takeshi@gakunin.nii.ac.jp Takeshi Nishimura
                  Time Tracking

                  Estimated: Not Specified
                  Remaining: 0m
                  Logged: 30m