<?xml version="1.0" encoding="UTF-8"?>
<classpath>
<classpathentry kind="src" path="src"/>
- <classpathentry kind="src" path="tests"/>
- <classpathentry excluding="*|classpath/" including="META-INF" kind="src" path="resources"/>
+ <classpathentry kind="src" path="resources/conf"/>
+ <classpathentry kind="src" path="tests"/>
+ <classpathentry excluding="*|classpath/|conf/" including="META-INF" kind="src" path="resources"/>
<classpathentry kind="src" path="resources/classpath"/>
<classpathentry kind="con" path="org.eclipse.jdt.launching.JRE_CONTAINER"/>
<classpathentry combineaccessrules="false" exported="true" kind="src" path="/java-shib-common"/>
--- /dev/null
+<?xml version="1.0" encoding="UTF-8"?>
+
+<AttributeFilterPolicyGroup id="ShibbolethFilterPolicy"
+ xmlns="urn:mace:shibboleth:2.0:afp"
+ xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+ xsi:schemaLocation="urn:mace:shibboleth:2.0:afp classpath:/schema/shibboleth-2.0-afp.xsd">
+
+</AttributeFilterPolicyGroup>
\ No newline at end of file
--- /dev/null
+<?xml version="1.0" encoding="UTF-8"?>
+
+<AttributeResolver xmlns="urn:mace:shibboleth:2.0:resolver"
+ xmlns:resolver="urn:mace:shibboleth:2.0:resolver"
+ xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+ xsi:schemaLocation="urn:mace:shibboleth:2.0:resolver classpath:/schema/shibboleth-2.0-attribute-resolver.xsd">
+
+</AttributeResolver>
\ No newline at end of file
--- /dev/null
+<?xml version="1.0" encoding="UTF-8"?>
+
+<!--
+ This file contains advanced configuration options for the Identity Providers.
+
+ DO NOT EDIT THIS FILE unless you're absolutely certain you understand what you are doing.
+-->
+
+<beans xmlns="http://www.springframework.org/schema/beans"
+ xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+ xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-2.0.xsd"
+ default-autowire="byType">
+
+ <bean id="shibboleth.RequestDispatcher" class="edu.internet2.middleware.shibboleth.idp.profile">
+ <property name="handlerManager" ref="shibboleth.ProfileHandler" />
+ </bean>
+
+</beans>
\ No newline at end of file
--- /dev/null
+<?xml version="1.0" encoding="UTF-8"?>
+
+<ProfileHandlers xmlns="urn:mace:shibboleth:2.0:profile-handler"
+ xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+ xsi:schemaLocation="urn:mace:shibboleth:2.0:profile-handler classpath:/schema/shibboleth-2.0-profile-handler.xsd">
+
+ <ErrorHandler xsi:type="JSPErrorHandler" jspPagePath="/error.jsp" />
+
+ <!-- ErrorHandler xsi:type="VelocityErrorHandler" jspPagePath="error.jsp" /-->
+
+ <ProfileHandler xsi:type="....">
+ <RequestPath> </RequestPath>
+ <RequestPath> </RequestPath>
+ <RequestPath> </RequestPath>
+ </ProfileHandler>
+
+</ProfileHandlers>
\ No newline at end of file
--- /dev/null
+<?xml version="1.0" encoding="UTF-8"?>
+
+<!--
+ This file specifies relying party dependent configurations for the IdP, for example, whether SAML assertions to a
+ particular relying party should be signed. It also includes metadata provider and credential definitions used
+ when answering requests to a relying party.
+-->
+
+<RelyingPartyGroup xmlns="urn:mace:shibboleth:2.0:relying-party"
+ xmlns:saml="urn:mace:shibboleth:2.0:relying-party:saml"
+ xmlns:metadata="urn:mace:shibboleth:2.0:metadata"
+ xmlns:credential="urn:mace:shibboleth:2.0:credential"
+ xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+ xsi:schemaLocation="urn:mace:shibboleth:2.0:relying-party classpath:/schema/shibboleth-2.0-relying-party.xsd
+ urn:mace:shibboleth:2.0:relying-party:saml classpath:/schema/shibboleth-2.0-relying-party-saml.xsd
+ urn:mace:shibboleth:2.0:metadata classpath:/schema/shibboleth-2.0-metadata.xsd
+ urn:mace:shibboleth:2.0:credential classpath:/schema/shibboleth-2.0-credential.xsd">
+
+ <AnonymousRelyingParty provider="http://example.org/IdP" />
+
+ <DefaultRelyingParty provider="http://example.org/IdP" />
+
+ <RelyingParty id="urn:mace:incommon"
+ provider="http://example.org/IdP"
+ defaultSigningCredentialRef="MySigningKey">
+ <ProfileConfiguration xsi:type="saml:ShibbolethSSOProfile" />
+ <ProfileConfiguration xsi:type="saml:SAML2SSOProfile" />
+ </RelyingParty>
+
+ <MetadataProvider xsi:type="FileBackedURLMetadataProvider" xmlns="urn:mace:shibboleth:2.0:metadata"
+ id="incommon-metadata"
+ metadataUrl="https://wayf.incommonfederation.org/InCommon/InCommon-metadata.xml"
+ backingFile="$IDP_HOME/temp/metadata/incommon.xml"/>
+
+ <Credential xsi:type="InlineCredential" xmlns="urn:mace:shibboleth:2.0:credential"
+ id="MySigningKey">
+ <PrivateKey>
+ <!-- Encoded key -->
+ </PrivateKey>
+ <PublicKey>
+ <!-- Encoded key -->
+ </PublicKey>
+ </Credential>
+
+</RelyingPartyGroup>
\ No newline at end of file
--- /dev/null
+<?xml version="1.0" encoding="UTF-8"?>
+
+<!--
+ This file contains definitions to standalone subsystems, or services, used by the IdP. These
+ services include things such as the attribute resolver and filtering engines as well as the
+ relying party configuration manager.
+
+ Reloadable services (profile handler manager, relying party configuration manager, attribute resolver, and
+ attribute filtering engine) can be configured to poll their configuration files on a given frequency and
+ reload those files if they've changed. Enable this feature by adding an attribute, on the Service element,
+ named configurationResourcePollingFrequency whose value is the frequency, in milliseconds, to poll the file(s).
+ A second attribute, configurationResourcePollingRetryAttempts, specifies the number of times a particular
+ configuration file may be cause an error before the service stops trying to load it.
+ -->
+
+<IdPConfig xmlns="urn:mace:shibboleth:2.0:idp-config" xmlns:service="urn:mace:shibboleth:2.0:services"
+ xmlns:profile="urn:mace:shibboleth:2.0:profile-handler" xmlns:relyingParty="urn:mace:shibboleth:2.0:relying-party"
+ xmlns:resolver="urn:mace:shibboleth:2.0:resolver" xmlns:afp="urn:mace:shibboleth:2.0:afp"
+ xmlns:resource="urn:mace:shibboleth:2.0:resource" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+ xsi:schemaLocation="urn:mace:shibboleth:2.0:idp-config classpath:/schema/shibboleth-2.0-idp-config.xsd
+ urn:mace:shibboleth:2.0:services classpath:/schema/shibboleth-2.0-services.xsd
+ urn:mace:shibboleth:2.0:profile-handler classpath:/schema/shibboleth-2.0-profile-handler.xsd
+ urn:mace:shibboleth:2.0:relying-party classpath:/schema/shibboleth-2.0-relying-party.xsd
+ urn:mace:shibboleth:2.0:resolver classpath:/schema/shibboleth-2.0-attribute-resolver.xsd
+ urn:mace:shibboleth:2.0:afp classpath:/schema/shibboleth-2.0-afp.xsd
+ urn:mace:shibboleth:2.0:resource classpath:/schema/shibboleth-2.0-resource.xsd">
+
+ <LoggingConfiguration>$IdP_HOME$/etc/logging.xml</LoggingConfiguration>
+
+ <service:Service id="shibboleth.ProfileHandler"
+ type="profile:ShibbolethProfileHandlerManager"
+ configurationResourcePollingFrequency="300000"
+ configurationResourcePollingRetryAttempts="10">
+ <resource:ConfigurationResource type="resource:FileSystemResource">
+ $IdP_HOME$/etc/protocol.xml
+ </resource:ConfigurationResource>
+ </service:Service>
+
+ <service:Service id="shibboleth.RelyingPartyConfigurationManager"
+ type="relyingParty:SAMLMDRelyingPartyConfigurationManager"
+ configurationResourcePollingFrequency="300000"
+ configurationResourcePollingRetryAttempts="10">
+ <resource:ConfigurationResource type="resource:FileSystemResource">
+ $IdP_HOME$/etc/relying-party.xml
+ </resource:ConfigurationResource>
+ </service:Service>
+
+ <service:Service id="shibboleth.AttributeResolver"
+ type="resolver:ShibbolethAttributeResolver"
+ configurationResourcePollingFrequency="300000"
+ configurationResourcePollingRetryAttempts="10">
+ <resource:ConfigurationResource type="resource:FileSystemResource">
+ $IdP_HOME$/etc/attribute-resolver.xml
+ </resource:ConfigurationResource>
+ </service:Service>
+
+ <service:Service id="shibboleth.AttributeFilterEngine"
+ type="afp:ShibbolethAttributeFilteringEngine"
+ configurationResourcePollingFrequency="60000"
+ configurationResourcePollingRetryAttempts="10">
+ <resource:ConfigurationResource type="resource:FileSystemResource">
+ $IdP_HOME$/etc/attribute-filter.xml
+ </resource:ConfigurationResource>
+ </service:Service>
+
+</IdPConfig>
\ No newline at end of file
/**
* Servlet responsible for dispatching incoming shibboleth requests to the appropriate profile handler.
*/
-public class ProfileRequestDispatcher extends BaseServletProfileRequestDispatcher {
+public class ShibbolethProfileRequestDispatcher extends BaseServletProfileRequestDispatcher {
/** Serial version UID. */
private static final long serialVersionUID = -3939942569721369334L;