Improve example config
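<?xml version="1.0" encoding="UTF-8"?>

<!--
    Relying-party configuration for the IdP (resources/conf/relying-party.xml).

    This file specifies relying party dependent configurations for the IdP, for example, whether SAML assertions to a
    particular relying party should be signed.  It also includes metadata provider and credential definitions used
    when answering requests to a relying party.

    Every value below (entity IDs, URLs, filesystem paths) is an example.org placeholder and has to be replaced
    with deployment-specific information before use.
-->

<RelyingPartyGroup xmlns="urn:mace:shibboleth:2.0:relying-party"
                   xmlns:saml="urn:mace:shibboleth:2.0:relying-party:saml"
                   xmlns:metadata="urn:mace:shibboleth:2.0:metadata"
                   xmlns:credential="urn:mace:shibboleth:2.0:credential"
                   xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
                   xsi:schemaLocation="urn:mace:shibboleth:2.0:relying-party classpath:/schema/shibboleth-2.0-relying-party.xsd
                                       urn:mace:shibboleth:2.0:relying-party:saml classpath:/schema/shibboleth-2.0-relying-party-saml.xsd
                                       urn:mace:shibboleth:2.0:metadata classpath:/schema/shibboleth-2.0-metadata.xsd
                                       urn:mace:shibboleth:2.0:credential classpath:/schema/shibboleth-2.0-credential.xsd
                                       urn:oasis:names:tc:SAML:2.0:metadata classpath:/schema/saml-schema-metadata-2.0.xsd">

    <!-- ========================================== -->
    <!--      Relying Party Configurations          -->
    <!-- ========================================== -->

    <!--
        Fallback configurations. Neither element has ProfileConfiguration children in this example, so no
        profile is explicitly enabled here for requesters that fall through to them.
        NOTE(review): presumably AnonymousRelyingParty covers requesters with no metadata and
        DefaultRelyingParty covers known requesters without a RelyingParty entry of their own; confirm against
        the relying-party schema before enabling profiles on either, since that widens who the IdP will answer.
    -->
    <AnonymousRelyingParty provider="http://example.org/IdP" />

    <DefaultRelyingParty provider="http://example.org/IdP" />

    <!--
        Configuration for one federation. "id" names the relying party (or group) this applies to and
        "provider" is the entity ID the IdP uses when answering it. All four profiles are enabled and none
        carries signing or encryption settings in this example, so the IdP defaults apply; review those
        defaults for each relying party rather than assuming assertions are signed.
    -->
    <RelyingParty id="urn:example.org:myFederation"
                  provider="urn:example.org:myFederation:idp1">
        <ProfileConfiguration xsi:type="saml:ShibbolethSSOProfile" />
        <ProfileConfiguration xsi:type="saml:SAML1AttributeQueryProfile" />
        <ProfileConfiguration xsi:type="saml:SAML2SSOProfile" />
        <ProfileConfiguration xsi:type="saml:SAML2AttributeQueryProfile" />
    </RelyingParty>

    <!-- ========================================== -->
    <!--      Metadata Configuration                -->
    <!-- ========================================== -->

    <!--
        All MetadataProvider examples below are commented out; enable the one that fits the deployment.
        Metadata determines which relying parties the IdP recognises and which endpoints it sends
        assertions to, so treat its source as security-critical: fetch remote metadata over https, verify
        its signature where the deployment provides a way to do so, and keep local copies writable only by
        the account the IdP runs as.
    -->

    <!-- MetadataProvider reading metadata from a URL. -->
    <!-- Fill in metadataURL and backingFile attributes with deployment specific information. -->
    <!-- backingFile is the local copy used when the URL cannot be read; protect it like the metadata itself. -->
    <!--
    <MetadataProvider id="URLMD" xsi:type="FileBackedURLMetadataProvider" xmlns="urn:mace:shibboleth:2.0:metadata"
                      metadataURL="https://example.org/my/metadata/file.xml" backingFile="/path/to/temp/location" />
    -->

    <!-- MetadataProvider reading metadata from the filesystem -->
    <!-- Fill in metadataFile attribute with deployment specific information -->
    <!--
    <MetadataProvider id="FSMD" xsi:type="FilesystemMetadataProvider" xmlns="urn:mace:shibboleth:2.0:metadata"
                      metadataFile="/path/to/metadata/file.xml" />
    -->

    <!-- MetadataProvider defining metadata inline -->
    <!-- Each AssertionConsumerService of an SP needs its own index value. -->
    <!-- NOTE(review): the SAML 2.0 browser SSO profile does not deliver responses over HTTP-Redirect, so the
         second endpoint is illustrative only; confirm the bindings the SPs actually support. -->
    <!--
    <MetadataProvider id="InlineMD" xsi:type="InlineMetadataProvider" xmlns="urn:mace:shibboleth:2.0:metadata">
        <EntitiesDescriptor Name="urn:example.org:myFederation" xmlns="urn:oasis:names:tc:SAML:2.0:metadata">
            <EntityDescriptor entityID="urn:example.org:myFederation:idp1">
                <IDPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol">
                    <SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://example.org/myIdP" />
                </IDPSSODescriptor>
            </EntityDescriptor>
            <EntityDescriptor entityID="urn:example.org:myFederation:sp1">
                <SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol">
                    <AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://example.org/mySP" index="0" />
                    <AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://example.org/mySP" index="1" />
                </SPSSODescriptor>
            </EntityDescriptor>
        </EntitiesDescriptor>
    </MetadataProvider>
    -->

    <!-- MetadataProvider combining other MetadataProviders -->
    <!--
    <MetadataProvider id="ExampleMD" xsi:type="ChainingMetadataProvider" xmlns="urn:mace:shibboleth:2.0:metadata">
        <MetadataProvider id="URLMD" xsi:type="FileBackedURLMetadataProvider"
                      metadataURL="https://example.org/my/metadata" backingFile="/path/to/temp/location" />
        <MetadataProvider id="FSMD" xsi:type="FilesystemMetadataProvider" metadataFile="/path/to/metadata/file.xml" />
    </MetadataProvider>
    -->

</RelyingPartyGroup>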