Small enhancement to the scriptable attribute definition. Cleaner checking of script...
[java-idp.git] / testresources / basicSpHome / spconfig.xml
<?xml version="1.1" encoding="ISO-8859-1"?>

<!--
  Shibboleth SP configuration kept under testresources/basicSpHome as a test fixture.
  Host names, the listener address and the credential files are example values.
  Several session settings are relaxed compared with what a production SP would
  normally use; each is noted where it appears so the file is not copied into a
  deployment unchanged.

  clockSkew: tolerance used when comparing timestamps (presumably seconds; confirm
  against the schema). A wider window also lengthens the time a captured assertion
  stays acceptable.
  xsi:schemaLocation points at a relative path in the source tree and is only a hint.
-->
<SPConfig
    xmlns="urn:mace:shibboleth:target:config:1.0"
    xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
    xsi:schemaLocation="urn:mace:shibboleth:target:config:1.0 ../../src/schemas/shibboleth-targetconfig-1.0.xsd"
    clockSkew="180">

  <!-- Process-wide settings. The listener address "bogus" is a placeholder. -->
  <Global>
    <UnixListener address="bogus"/>
    <!--
      In-memory session cache. strictValidity="false" and propagateErrors="false"
      read as the lenient choices (stale attributes may still be used, attribute
      query failures do not end the session); verify the exact semantics in the
      Shibboleth 1.x SP documentation before reusing these values outside tests.
    -->
    <MemorySessionCache
        cleanupInterval="300" cacheTimeout="3600"
        AATimeout="30" AAConnectTimeout="15"
        defaultLifetime="1800" retryInterval="300"
        strictValidity="false" propagateErrors="false"/>
  </Global>

  <Local localRelayState="true">
    <RequestMapProvider type="edu.internet2.middleware.shibboleth.sp.provider.NativeRequestMapProvider">
      <RequestMap applicationId="default">
        <Host name="sp.example.org">
          <!--
            The "secure" path requires a Shibboleth session. exportAssertion="true"
            presumably hands the raw SAML assertion to the protected application,
            so that application must be trusted with it and should not log it.
          -->
          <Path name="secure" authType="shibboleth" requireSession="true" exportAssertion="true"/>
        </Host>
      </RequestMap>
    </RequestMapProvider>
  </Local>

  <Applications
      id="default"
      providerId="https://sp.example.org/shibboleth"
      homeURL="https://sp.example.org/index.html"
      xmlns:saml="urn:oasis:names:tc:SAML:1.0:assertion"
      xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata">

    <!--
      Default session policy. Review before any use outside tests:
        checkAddress="false" : the session is not tied to the client address, so a
                               stolen session cookie is not rejected on that basis.
        handlerSSL="false"   : the handlers under /Shibboleth.sso are not limited to
                               TLS, so assertions and session cookies may travel in
                               clear text.
      No cookieProps is set here, so no "secure" cookie attribute is requested.
      The nested Application "bogus" further down uses the stricter combination.
    -->
    <Sessions
        lifetime="7200" timeout="3600" checkAddress="false"
        handlerURL="/Shibboleth.sso" handlerSSL="false"
        idpHistory="true" idpHistoryDays="7">
      <!-- Sends users needing a session to the example IdP SSO endpoint over https. -->
      <SessionInitiator
          isDefault="true" id="example" Location="/WAYF/idp.example.org"
          Binding="urn:mace:shibboleth:sp:1.3:SessionInit"
          wayfURL="https://idp.example.org:8443/shibboleth-idp/SSO"
          wayfBinding="urn:mace:shibboleth:1.0:profiles:AuthnRequest"/>
      <!-- Endpoints that receive assertions: browser POST (default) and artifact. -->
      <md:AssertionConsumerService
          Location="/SAML/POST" isDefault="true" index="1"
          Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post"/>
      <md:AssertionConsumerService
          Location="/SAML/Artifact" index="2"
          Binding="urn:oasis:names:tc:SAML:1.0:profiles:artifact-01"/>
      <md:SingleLogoutService Location="/Logout" Binding="urn:mace:shibboleth:sp:1.3:Logout"/>
    </Sessions>

    <!-- Error page templates and the contact shown to users (a local placeholder here). -->
    <Errors
        session="sessionError.html"
        metadata="metadataError.html"
        rm="rmError.html"
        access="accessError.html"
        supportContact="root@localhost"
        logoLocation="/shibtarget/logo.jpg"
        styleSheet="/shibtarget/main.css"/>

    <!--
      One credential set, "defcreds", serves both TLS and signing. It is resolved
      by the FileResolver with the same Id under CredentialsProvider below.
    -->
    <CredentialUse TLS="defcreds" Signing="defcreds">
      <!-- RelyingParty elements can customize credentials for specific IdPs/sets. -->
      <!--
      <RelyingParty Name="urn:mace:inqueue" TLS="inqueuecreds" Signing="inqueuecreds"/>
      -->
    </CredentialUse>

    <!--
      Use designators to request specific attributes, or none to ask for all.
      Naming only the attributes the application needs keeps the data released
      to this SP to a minimum.
    -->
    <!--
    <saml:AttributeDesignator AttributeName="urn:mace:dir:attribute-def:eduPersonScopedAffiliation"
        AttributeNamespace="urn:mace:shibboleth:1.0:attributeNamespace:uri"/>
    <saml:AttributeDesignator AttributeName="urn:mace:dir:attribute-def:eduPersonTargetedID"
        AttributeNamespace="urn:mace:shibboleth:1.0:attributeNamespace:uri"/>
    -->

    <!--
      Attribute acceptance policy, IdP metadata and trust evaluation. Policy and
      metadata are read from local files; anyone able to modify those files can
      change which IdPs and attributes this SP accepts, so they need the same
      protection as the configuration itself.
    -->
    <AAPProvider
        type="edu.internet2.middleware.shibboleth.aap.provider.XMLAAP"
        uri="/basicSpHome/AAP.xml"/>

    <MetadataProvider
        type="edu.internet2.middleware.shibboleth.metadata.provider.XMLMetadata"
        uri="/basicSpHome/example-metadata.xml"/>

    <TrustProvider type="edu.internet2.middleware.shibboleth.common.provider.ShibbolethTrust"/>

    <!-- Audience value listed for this SP (presumably matched against assertion audience conditions). -->
    <saml:Audience>urn:mace:inqueue</saml:Audience>

    <!--
      Per-application override with the stricter session settings: address
      checking on, handlers limited to TLS, and a cookie scoped to /secure/admin
      carrying the "secure" attribute. It requests only eduPersonPrincipalName.
    -->
    <Application id="bogus">
      <Sessions
          lifetime="7200" timeout="3600" checkAddress="true"
          handlerURL="/secure/admin/Shibboleth.sso" handlerSSL="true"
          cookieProps="; path=/secure/admin; secure"/>
      <saml:AttributeDesignator
          AttributeName="urn:mace:dir:attribute-def:eduPersonPrincipalName"
          AttributeNamespace="urn:mace:shibboleth:1.0:attributeNamespace:uri"/>
    </Application>

  </Applications>

  <!--
    Define all the private keys and certificates here that you reference from <CredentialUse>.
    The key below is an example key stored with the test resources. A private key
    that ships in a source repository has to be treated as public: generate a fresh
    key for any real SP and keep it readable only by the SP process.
  -->
  <CredentialsProvider type="edu.internet2.middleware.shibboleth.common.Credentials">
    <Credentials xmlns="urn:mace:shibboleth:credentials:1.0">
      <FileResolver Id="defcreds">
        <Key format="PEM">
          <Path>/basicSpHome/sp-example.key</Path>
        </Key>
        <Certificate format="PEM">
          <Path>/basicSpHome/sp-example.crt</Path>
        </Certificate>
      </FileResolver>
    </Credentials>
  </CredentialsProvider>

  <!-- Specialized attribute handling for cases with complex syntax (here the eduPersonTargetedID OID). -->
  <AttributeFactory
      AttributeName="urn:oid:1.3.6.1.4.1.5923.1.1.1.10"
      type="edu.internet2.middleware.shibboleth.common.provider.TargetedIDFactory"/>

</SPConfig>