src/installer/resources/conf-tmpl/internal.xml

   1 <?xml version="1.0" encoding="UTF-8"?>
   2
   3 <beans xmlns="http://www.springframework.org/schema/beans" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
   4     xmlns:util="http://www.springframework.org/schema/util"
   5      xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-2.0.xsd
   6                          http://www.springframework.org/schema/util http://www.springframework.org/schema/util/spring-util-2.0.xsd" >
   7
   8     <bean id="shibboleth.CacheManager" class="org.springframework.cache.ehcache.EhCacheManagerFactoryBean" />
   9
  10     <bean id="shibboleth.TaskTimer" class="java.util.Timer" destroy-method="cancel">
  11         <constructor-arg value="true" type="boolean" />
  12     </bean>
  13
  14     <bean id="shibboleth.LogbackLogging" class="edu.internet2.middleware.shibboleth.common.log.LogbackLoggingService" depends-on="shibboleth.TaskTimer">
  15         <constructor-arg ref="shibboleth.TaskTimer" />
  16         <constructor-arg value="$IDP_HOME$/conf/logging.xml" />
  17         <constructor-arg value="600000" />
  18     </bean>
  19
  20     <!-- Spring configuration file that bootstraps OpenSAML -->
  21     <bean id="shibboleth.OpensamlConfig" class="edu.internet2.middleware.shibboleth.common.config.OpensamlConfigBean" depends-on="shibboleth.LogbackLogging">
  22         <constructor-arg>
  23             <list>
  24                 <bean id="shibMetadataExtensions" class="org.opensaml.util.resource.ClasspathResource">
  25                     <constructor-arg value="/shibboleth-saml-ext-config.xml" />
  26                 </bean>
  27             </list>
  28         </constructor-arg>
  29     </bean>
  30
  31     <bean id="shibboleth.IdGenerator" class="org.opensaml.common.impl.SecureRandomIdentifierGenerator" depends-on="shibboleth.LogbackLogging">
  32         <constructor-arg value="SHA1PRNG" />
  33     </bean>
  34
  35     <bean id="shibboleth.VelocityEngine" class="org.springframework.ui.velocity.VelocityEngineFactoryBean" depends-on="shibboleth.LogbackLogging">
  36         <property name="velocityProperties">
  37             <props>
  38                 <prop key="resource.loader">classpath, string</prop>
  39                 <prop key="classpath.resource.loader.class">
  40                     org.apache.velocity.runtime.resource.loader.ClasspathResourceLoader
  41                 </prop>
  42                 <prop key="string.resource.loader.class">
  43                     edu.internet2.middleware.shibboleth.common.util.StringResourceLoader
  44                 </prop>
  45             </props>
  46         </property>
  47     </bean>
  48
  49     <bean id="shibboleth.TemplateEngine"
  50         class="edu.internet2.middleware.shibboleth.common.attribute.resolver.provider.dataConnector.TemplateEngine"
  51         depends-on="shibboleth.LogbackLogging">
  52         <constructor-arg ref="shibboleth.VelocityEngine" />
  53     </bean>
  54
  55     <bean id="shibboleth.ParserPool" class="org.opensaml.xml.parse.BasicParserPool" depends-on="shibboleth.LogbackLogging">
  56         <property name="maxPoolSize" value="100" />
  57         <property name="coalescing" value="true" />
  58         <property name="ignoreComments" value="true" />
  59         <property name="ignoreElementContentWhitespace" value="true" />
  60         <property name="namespaceAware" value="true" />
  61         <property name="builderAttributes">
  62             <map>
  63                 <entry>
  64                     <key>
  65                         <value>http://apache.org/xml/properties/security-manager</value>
  66                     </key>
  67                     <bean id="shibboleth.XercesSecurityManager" class="org.apache.xerces.util.SecurityManager" />
  68                 </entry>
  69             </map>
  70         </property>
  71         <property name="builderFeatures">
  72             <map>
  73                 <entry>
  74                     <key>
  75                         <value>http://apache.org/xml/features/disallow-doctype-decl</value>
  76                     </key>
  77                     <util:constant static-field="java.lang.Boolean.TRUE"/>
  78                 </entry>
  79             </map>
  80         </property>
  81     </bean>
  82
  83     <bean id="shibboleth.StorageService" class="edu.internet2.middleware.shibboleth.common.util.EventingMapBasedStorageService" depends-on="shibboleth.LogbackLogging" />
  84
  85     <bean id="shibboleth.StorageServiceSweeper" class="org.opensaml.util.storage.ExpiringObjectStorageServiceSweeper" depends-on="shibboleth.LogbackLogging">
  86         <constructor-arg ref="shibboleth.TaskTimer" />
  87         <constructor-arg ref="shibboleth.StorageService" />
  88         <constructor-arg value="600000" type="long" />
  89     </bean>
  90
  91     <bean id="shibboleth.SessionManager"
  92           class="edu.internet2.middleware.shibboleth.idp.session.impl.SessionManagerImpl"
  93           depends-on="shibboleth.LogbackLogging">
  94         <constructor-arg ref="shibboleth.StorageService" />
  95         <constructor-arg value="1800000" type="long" />
  96     </bean>
  97
  98     <bean id="shibboleth.ArtifactMap" class="org.opensaml.common.binding.artifact.BasicSAMLArtifactMap" depends-on="shibboleth.LogbackLogging">
  99         <constructor-arg ref="shibboleth.ParserPool" />
 100         <constructor-arg ref="shibboleth.StorageService" />
 101         <constructor-arg type="long" value="300000" />
 102     </bean>
 103
 104     <bean id="shibboleth.ReplayCache" class="org.opensaml.util.storage.ReplayCache" depends-on="shibboleth.LogbackLogging">
 105         <constructor-arg ref="shibboleth.StorageService" />
 106         <constructor-arg type="long" value="300000" />
 107     </bean>
 108
 109     <util:map id="shibboleth.MessageDecoders">
 110         <entry>
 111             <key>
 112                 <value>urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST-SimpleSign</value>
 113             </key>
 114             <bean id="shibboleth.SAML2HttpPostSimpleSignDecoder" class="org.opensaml.saml2.binding.decoding.HTTPPostSimpleSignDecoder">
 115                 <constructor-arg ref="shibboleth.ParserPool" />
 116             </bean>
 117         </entry>
 118         <entry>
 119             <key>
 120                 <value>urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST</value>
 121             </key>
 122             <bean id="shibboleth.SAML2HttpPostDecoder" class="org.opensaml.saml2.binding.decoding.HTTPPostDecoder">
 123                 <constructor-arg ref="shibboleth.ParserPool" />
 124             </bean>
 125         </entry>
 126         <entry>
 127             <key>
 128                 <value>urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect</value>
 129             </key>
 130             <bean id="shibboleth.SAML2HttpRedirectDecoder"
 131                 class="org.opensaml.saml2.binding.decoding.HTTPRedirectDeflateDecoder">
 132                 <constructor-arg ref="shibboleth.ParserPool" />
 133             </bean>
 134         </entry>
 135         <entry>
 136             <key>
 137                 <value>urn:oasis:names:tc:SAML:2.0:bindings:SOAP</value>
 138             </key>
 139             <bean id="shibboleth.SAML2HttpSoap11Decoder"
 140                 class="org.opensaml.saml2.binding.decoding.HTTPSOAP11Decoder">
 141                 <constructor-arg ref="shibboleth.ParserPool" />
 142             </bean>
 143         </entry>
 144         <entry>
 145             <key>
 146                 <value>urn:oasis:names:tc:SAML:1.0:profiles:browser-post</value>
 147             </key>
 148             <bean id="shibboleth.SAML1HttpPostDecoder" class="org.opensaml.saml1.binding.decoding.HTTPPostDecoder">
 149                 <constructor-arg ref="shibboleth.ArtifactMap" />
 150                 <constructor-arg ref="shibboleth.ParserPool" />
 151             </bean>
 152         </entry>
 153         <entry>
 154             <key>
 155                 <value>urn:oasis:names:tc:SAML:1.0:bindings:SOAP-binding</value>
 156             </key>
 157             <bean id="shibboleth.SAML1HttpSoap11Decoder"
 158                 class="org.opensaml.saml1.binding.decoding.HTTPSOAP11Decoder">
 159                 <constructor-arg ref="shibboleth.ArtifactMap" />
 160                 <constructor-arg ref="shibboleth.ParserPool" />
 161             </bean>
 162         </entry>
 163         <entry>
 164             <key>
 165                 <value>urn:mace:shibboleth:1.0:profiles:AuthnRequest</value>
 166             </key>
 167             <bean id="shibboleth.ShibbolethSSODecoder"
 168                 class="edu.internet2.middleware.shibboleth.idp.profile.saml1.ShibbolethSSODecoder">
 169             </bean>
 170         </entry>
 171     </util:map>
 172
 173     <util:map id="shibboleth.MessageEncoders">
 174         <entry>
 175             <key>
 176                 <value>urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST-SimpleSign</value>
 177             </key>
 178             <bean id="shibboleth.SAML2HttpPostSimpleSignEncoder" class="org.opensaml.saml2.binding.encoding.HTTPPostSimpleSignEncoder">
 179                 <constructor-arg ref="shibboleth.VelocityEngine" />
 180                 <constructor-arg value="/templates/saml2-post-simplesign-binding.vm" />
 181             </bean>
 182         </entry>
 183         <entry>
 184             <key>
 185                 <value>urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST</value>
 186             </key>
 187             <bean id="shibboleth.SAML2HttpPostEncoder" class="org.opensaml.saml2.binding.encoding.HTTPPostEncoder">
 188                 <constructor-arg ref="shibboleth.VelocityEngine" />
 189                 <constructor-arg value="/templates/saml2-post-binding.vm" />
 190             </bean>
 191         </entry>
 192         <entry>
 193             <key>
 194                 <value>urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect</value>
 195             </key>
 196             <bean id="shibboleth.SAML2HttpRedirectEncoder"
 197                 class="org.opensaml.saml2.binding.encoding.HTTPRedirectDeflateEncoder" />
 198         </entry>
 199         <entry>
 200             <key>
 201                 <value>urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact</value>
 202             </key>
 203             <bean id="shibboleth.SAML2HTTPArtifactEncoder"
 204                 class="org.opensaml.saml2.binding.encoding.HTTPArtifactEncoder">
 205                 <constructor-arg ref="shibboleth.ArtifactMap" />
 206                 <constructor-arg ref="shibboleth.VelocityEngine" />
 207                 <constructor-arg value="/templates/saml2-post-artifact-binding.vm" />
 208             </bean>
 209         </entry>
 210         <entry>
 211             <key>
 212                 <value>urn:oasis:names:tc:SAML:2.0:bindings:SOAP</value>
 213             </key>
 214             <bean id="shibboleth.SAML2HttpSoap11Encoder" class="org.opensaml.saml2.binding.encoding.HTTPSOAP11Encoder" />
 215         </entry>
 216         <entry>
 217             <key>
 218                 <value>urn:oasis:names:tc:SAML:1.0:profiles:browser-post</value>
 219             </key>
 220             <bean id="shibboleth.SAML1HttpPostEncoder" class="org.opensaml.saml1.binding.encoding.HTTPPostEncoder">
 221                 <constructor-arg ref="shibboleth.VelocityEngine" />
 222                 <constructor-arg value="/templates/saml1-post-binding.vm" />
 223             </bean>
 224         </entry>
 225         <entry>
 226             <key>
 227                 <value>urn:oasis:names:tc:SAML:1.0:profiles:artifact-01</value>
 228             </key>
 229             <bean id="shibboleth.SAML1HttpArtifactEncoder"
 230                 class="org.opensaml.saml1.binding.encoding.HTTPArtifactEncoder">
 231                 <constructor-arg ref="shibboleth.ArtifactMap" />
 232             </bean>
 233         </entry>
 234         <entry>
 235             <key>
 236                 <value>urn:oasis:names:tc:SAML:1.0:bindings:SOAP-binding</value>
 237             </key>
 238             <bean id="shibboleth.SAML1HttpSoap11EncoderBuilder"
 239                 class="org.opensaml.saml1.binding.encoding.HTTPSOAP11Encoder" />
 240         </entry>
 241     </util:map>
 242
 243     <bean id="shibboleth.ServletAttributeExporter"
 244           class="edu.internet2.middleware.shibboleth.common.config.service.ServletContextAttributeExporter"
 245           depends-on="shibboleth.LogbackLogging"
 246           init-method="initialize" >
 247         <constructor-arg>
 248            <list>
 249                <value>shibboleth.SessionManager</value>
 250            </list>
 251         </constructor-arg>
 252     </bean>
 253
 254 </beans>