move configuration files into a conf directory (which will be copied onto the filesys...
authorlajoie <lajoie@ab3bd59b-922f-494d-bb5f-6f0a3c29deca>
Sat, 19 May 2007 23:38:00 +0000 (23:38 +0000)
committerlajoie <lajoie@ab3bd59b-922f-494d-bb5f-6f0a3c29deca>
Sat, 19 May 2007 23:38:00 +0000 (23:38 +0000)
Start of default configuration files

git-svn-id: https://subversion.switch.ch/svn/shibboleth/java-idp/trunk@2200 ab3bd59b-922f-494d-bb5f-6f0a3c29deca

.classpath
resources/conf/attribute-filter.xml [new file with mode: 0644]
resources/conf/attribute-resolver.xml [new file with mode: 0644]
resources/conf/internal.xml [new file with mode: 0644]
resources/conf/protocol.xml [new file with mode: 0644]
resources/conf/relying-party.xml [new file with mode: 0644]
resources/conf/service.xml [new file with mode: 0644]
src/edu/internet2/middleware/shibboleth/idp/profile/ShibbolethProfileRequestDispatcher.java [moved from src/edu/internet2/middleware/shibboleth/idp/profile/ProfileRequestDispatcher.java with 94% similarity]

index 73117c0..90cf0a7 100644 (file)
@@ -1,8 +1,9 @@
 <?xml version="1.0" encoding="UTF-8"?>
 <classpath>
        <classpathentry kind="src" path="src"/>
-    <classpathentry kind="src" path="tests"/>
-       <classpathentry excluding="*|classpath/" including="META-INF" kind="src" path="resources"/>
+       <classpathentry kind="src" path="resources/conf"/>
+       <classpathentry kind="src" path="tests"/>
+       <classpathentry excluding="*|classpath/|conf/" including="META-INF" kind="src" path="resources"/>
        <classpathentry kind="src" path="resources/classpath"/>
        <classpathentry kind="con" path="org.eclipse.jdt.launching.JRE_CONTAINER"/>
        <classpathentry combineaccessrules="false" exported="true" kind="src" path="/java-shib-common"/>
diff --git a/resources/conf/attribute-filter.xml b/resources/conf/attribute-filter.xml
new file mode 100644 (file)
index 0000000..d0842bc
--- /dev/null
@@ -0,0 +1,8 @@
+<?xml version="1.0" encoding="UTF-8"?>
+
+<AttributeFilterPolicyGroup id="ShibbolethFilterPolicy" 
+                            xmlns="urn:mace:shibboleth:2.0:afp"
+                            xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+                            xsi:schemaLocation="urn:mace:shibboleth:2.0:afp classpath:/schema/shibboleth-2.0-afp.xsd">
+                                                    
+</AttributeFilterPolicyGroup>
\ No newline at end of file
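Review bot: attribute-filter.xml has no header comment, unlike relying-party.xml and service.xml in this commit, and here the gap matters: an empty `AttributeFilterPolicyGroup` releases either nothing or everything depending on how the filtering engine treats the absence of policies, which is not visible in this commit. I would add a comment above the root element along the lines of `<!-- Attribute release policies. With no policies defined, no attributes are released to any relying party (confirm against the filtering engine). -->`, adjusted to what the engine actually does. attribute-resolver.xml is equally bare and would benefit from a one-line description of what it configures.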
diff --git a/resources/conf/attribute-resolver.xml b/resources/conf/attribute-resolver.xml
new file mode 100644 (file)
index 0000000..3ea3576
--- /dev/null
@@ -0,0 +1,8 @@
+<?xml version="1.0" encoding="UTF-8"?>
+
+<AttributeResolver xmlns="urn:mace:shibboleth:2.0:resolver"
+                   xmlns:resolver="urn:mace:shibboleth:2.0:resolver"
+                   xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+                   xsi:schemaLocation="urn:mace:shibboleth:2.0:resolver classpath:/schema/shibboleth-2.0-attribute-resolver.xsd">
+
+</AttributeResolver>
\ No newline at end of file
diff --git a/resources/conf/internal.xml b/resources/conf/internal.xml
new file mode 100644 (file)
index 0000000..2ea72df
--- /dev/null
@@ -0,0 +1,18 @@
+<?xml version="1.0" encoding="UTF-8"?>
+
+<!-- 
+  This file contains advanced configuration options for the Identity Providers.
+  
+  DO NOT EDIT THIS FILE unless you're absolutely certain you understand what you are doing.
+-->
+
+<beans xmlns="http://www.springframework.org/schema/beans"
+          xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+          xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-2.0.xsd"
+          default-autowire="byType">
+  
+    <bean id="shibboleth.RequestDispatcher" class="edu.internet2.middleware.shibboleth.idp.profile">
+        <property name="handlerManager" ref="shibboleth.ProfileHandler" />
+    </bean>
+
+</beans>
\ No newline at end of file
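Review bot: The `class` attribute on the `shibboleth.RequestDispatcher` bean names a package, `edu.internet2.middleware.shibboleth.idp.profile`, not a class, so Spring cannot instantiate the bean when this context is loaded. Going by the rename at the end of this commit, the intended value is presumably `class="edu.internet2.middleware.shibboleth.idp.profile.ShibbolethProfileRequestDispatcher"`. It is also worth confirming that `default-autowire="byType"` is wanted alongside the explicit `handlerManager` reference, because by-type autowiring fills any other settable property for which a single matching bean exists, without that wiring appearing in this file.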
diff --git a/resources/conf/protocol.xml b/resources/conf/protocol.xml
new file mode 100644 (file)
index 0000000..502dcf2
--- /dev/null
@@ -0,0 +1,17 @@
+<?xml version="1.0" encoding="UTF-8"?>
+
+<ProfileHandlers xmlns="urn:mace:shibboleth:2.0:profile-handler"
+                 xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+                 xsi:schemaLocation="urn:mace:shibboleth:2.0:profile-handler classpath:/schema/shibboleth-2.0-profile-handler.xsd">
+
+    <ErrorHandler xsi:type="JSPErrorHandler" jspPagePath="/error.jsp" />
+    
+    <!-- ErrorHandler xsi:type="VelocityErrorHandler" jspPagePath="error.jsp" /-->
+
+    <ProfileHandler xsi:type="....">
+        <RequestPath> </RequestPath>
+        <RequestPath> </RequestPath>
+        <RequestPath> </RequestPath>
+    </ProfileHandler>
+
+</ProfileHandlers>
\ No newline at end of file
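Review bot: The template `<ProfileHandler xsi:type="....">` is live markup, and `....` is not a valid QName, so a schema-validating load of this file should fail on it; the three `<RequestPath>` elements also contain only a space. Since service.xml polls this file as the configuration of `shibboleth.ProfileHandler`, I would wrap the whole `ProfileHandler` template in a comment until a real handler type exists. The commented-out `VelocityErrorHandler` example carries `jspPagePath`, which looks copied from the JSP handler and should be checked before anyone uncomments it.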
diff --git a/resources/conf/relying-party.xml b/resources/conf/relying-party.xml
new file mode 100644 (file)
index 0000000..15c7b2d
--- /dev/null
@@ -0,0 +1,45 @@
+<?xml version="1.0" encoding="UTF-8"?>
+
+<!--
+    This file specifies relying party dependent configurations for the IdP, for example, whether SAML assertions to a 
+    particular relying party should be signed.  It also includes metadata provider and credential definitions used 
+    when answering requests to a relying party.
+-->
+
+<RelyingPartyGroup xmlns="urn:mace:shibboleth:2.0:relying-party"
+                   xmlns:saml="urn:mace:shibboleth:2.0:relying-party:saml"
+                   xmlns:metadata="urn:mace:shibboleth:2.0:metadata"
+                   xmlns:credential="urn:mace:shibboleth:2.0:credential"
+                   xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+                   xsi:schemaLocation="urn:mace:shibboleth:2.0:relying-party classpath:/schema/shibboleth-2.0-relying-party.xsd
+                                       urn:mace:shibboleth:2.0:relying-party:saml classpath:/schema/shibboleth-2.0-relying-party-saml.xsd
+                                       urn:mace:shibboleth:2.0:metadata classpath:/schema/shibboleth-2.0-metadata.xsd
+                                       urn:mace:shibboleth:2.0:credential classpath:/schema/shibboleth-2.0-credential.xsd">
+                                       
+    <AnonymousRelyingParty provider="http://example.org/IdP" />
+    
+    <DefaultRelyingParty provider="http://example.org/IdP" />
+    
+    <RelyingParty id="urn:mace:incommon"
+                  provider="http://example.org/IdP" 
+                  defaultSigningCredentialRef="MySigningKey">
+        <ProfileConfiguration xsi:type="saml:ShibbolethSSOProfile" />
+        <ProfileConfiguration xsi:type="saml:SAML2SSOProfile" />
+    </RelyingParty>
+    
+    <MetadataProvider xsi:type="FileBackedURLMetadataProvider" xmlns="urn:mace:shibboleth:2.0:metadata"
+                      id="incommon-metadata"
+                      metadataUrl="https://wayf.incommonfederation.org/InCommon/InCommon-metadata.xml"
+                      backingFile="$IDP_HOME/temp/metadata/incommon.xml"/>
+    
+    <Credential xsi:type="InlineCredential" xmlns="urn:mace:shibboleth:2.0:credential"
+                id="MySigningKey">
+        <PrivateKey>
+            <!-- Encoded key -->
+        </PrivateKey>
+        <PublicKey>
+            <!-- Encoded key -->
+        </PublicKey>
+    </Credential>
+
+</RelyingPartyGroup>
\ No newline at end of file
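Review bot: The `MySigningKey` credential is an `InlineCredential` with a `<PrivateKey>` element, so the IdP's signing key is meant to be pasted into this file, which is created with mode 0644 and is one of the files service.xml polls and reloads. I would replace the placeholder inside `<PrivateKey>` with something like `<!-- Encoded key. Once set, restrict read access on this file to the IdP service account and keep it out of version control. -->`, or document a file-based credential here if the credential schema offers one (not visible in this commit). Separately, nothing on the `FileBackedURLMetadataProvider` verifies a signature on the downloaded metadata, so trust in relying-party entries rests on the TLS fetch of `metadataUrl` and on who can write `backingFile`; if the metadata schema has a signature-checking option, the default configuration should show it.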
diff --git a/resources/conf/service.xml b/resources/conf/service.xml
new file mode 100644 (file)
index 0000000..ad0a3a8
--- /dev/null
@@ -0,0 +1,66 @@
+<?xml version="1.0" encoding="UTF-8"?>
+
+<!-- 
+    This file contains definitions to standalone subsystems, or services, used by the IdP.  These 
+    services include things such as the attribute resolver and filtering engines as well as the 
+    relying party configuration manager.
+    
+    Reloadable services (profile handler manager, relying party configuration manager, attribute resolver, and 
+    attribute filtering engine) can be configured to poll their configuration files on a given frequency and 
+    reload those files if they've changed.  Enable this feature by adding an attribute, on the Service element, 
+    named configurationResourcePollingFrequency whose value is the frequency, in milliseconds, to poll the file(s).
+    A second attribute, configurationResourcePollingRetryAttempts, specifies the number of times a particular 
+    configuration file may be cause an error before the service stops trying to load it.
+ -->
+
+<IdPConfig xmlns="urn:mace:shibboleth:2.0:idp-config" xmlns:service="urn:mace:shibboleth:2.0:services"
+    xmlns:profile="urn:mace:shibboleth:2.0:profile-handler" xmlns:relyingParty="urn:mace:shibboleth:2.0:relying-party"
+    xmlns:resolver="urn:mace:shibboleth:2.0:resolver" xmlns:afp="urn:mace:shibboleth:2.0:afp"
+    xmlns:resource="urn:mace:shibboleth:2.0:resource" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+    xsi:schemaLocation="urn:mace:shibboleth:2.0:idp-config classpath:/schema/shibboleth-2.0-idp-config.xsd
+                        urn:mace:shibboleth:2.0:services classpath:/schema/shibboleth-2.0-services.xsd
+                        urn:mace:shibboleth:2.0:profile-handler classpath:/schema/shibboleth-2.0-profile-handler.xsd
+                        urn:mace:shibboleth:2.0:relying-party classpath:/schema/shibboleth-2.0-relying-party.xsd
+                        urn:mace:shibboleth:2.0:resolver classpath:/schema/shibboleth-2.0-attribute-resolver.xsd
+                        urn:mace:shibboleth:2.0:afp classpath:/schema/shibboleth-2.0-afp.xsd 
+                        urn:mace:shibboleth:2.0:resource classpath:/schema/shibboleth-2.0-resource.xsd">
+
+    <LoggingConfiguration>$IdP_HOME$/etc/logging.xml</LoggingConfiguration>
+
+    <service:Service id="shibboleth.ProfileHandler"
+                           type="profile:ShibbolethProfileHandlerManager"
+                           configurationResourcePollingFrequency="300000"
+                           configurationResourcePollingRetryAttempts="10">
+        <resource:ConfigurationResource type="resource:FileSystemResource">
+            $IdP_HOME$/etc/protocol.xml
+        </resource:ConfigurationResource>
+    </service:Service>
+
+    <service:Service id="shibboleth.RelyingPartyConfigurationManager"
+                           type="relyingParty:SAMLMDRelyingPartyConfigurationManager"
+                           configurationResourcePollingFrequency="300000"
+                           configurationResourcePollingRetryAttempts="10">
+        <resource:ConfigurationResource type="resource:FileSystemResource">
+            $IdP_HOME$/etc/relying-party.xml
+        </resource:ConfigurationResource>
+    </service:Service>
+
+    <service:Service id="shibboleth.AttributeResolver"
+                           type="resolver:ShibbolethAttributeResolver"
+                           configurationResourcePollingFrequency="300000"
+                           configurationResourcePollingRetryAttempts="10">
+        <resource:ConfigurationResource type="resource:FileSystemResource">
+            $IdP_HOME$/etc/attribute-resolver.xml
+        </resource:ConfigurationResource>
+    </service:Service>
+
+    <service:Service id="shibboleth.AttributeFilterEngine"
+                           type="afp:ShibbolethAttributeFilteringEngine"
+                           configurationResourcePollingFrequency="60000"
+                           configurationResourcePollingRetryAttempts="10">
+        <resource:ConfigurationResource type="resource:FileSystemResource">
+            $IdP_HOME$/etc/attribute-filter.xml
+        </resource:ConfigurationResource>
+    </service:Service>
+
+</IdPConfig>
\ No newline at end of file
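Review bot: The four `ConfigurationResource` paths point at `$IdP_HOME$/etc/...`, while this commit adds the files under `resources/conf` and describes a conf directory, and relying-party.xml spells the placeholder `$IDP_HOME` (different case, no trailing `$`) in `backingFile`. Unless an install step that is not shown maps conf to etc and handles both spellings, one of them will be left unresolved; I would settle on one form, e.g. `$IdP_HOME$/conf/protocol.xml`, and use it in both files. Each path is also surrounded by newlines and indentation inside the element, so the resource loader has to trim the text before opening the file. In the header comment, "may be cause an error" should read "may cause an error".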
@@ -28,7 +28,7 @@ import edu.internet2.middleware.shibboleth.common.profile.ProfileResponse;
 /**
  * Servlet responsible for dispatching incoming shibboleth requests to the appropriate profile handler.
  */
-public class ProfileRequestDispatcher extends BaseServletProfileRequestDispatcher {
+public class ShibbolethProfileRequestDispatcher extends BaseServletProfileRequestDispatcher {
 
     /** Serial version UID. */
     private static final long serialVersionUID = -3939942569721369334L;