New IdP install process
authorlajoie <lajoie@ab3bd59b-922f-494d-bb5f-6f0a3c29deca>
Thu, 17 Jan 2008 09:08:10 +0000 (09:08 +0000)
committerlajoie <lajoie@ab3bd59b-922f-494d-bb5f-6f0a3c29deca>
Thu, 17 Jan 2008 09:08:10 +0000 (09:08 +0000)
git-svn-id: https://subversion.switch.ch/svn/shibboleth/java-idp/trunk@2576 ab3bd59b-922f-494d-bb5f-6f0a3c29deca

build-lib/antext-04Jul2006.jar [deleted file]
build-lib/antext-16Jan2008.jar [new file with mode: 0644]
build.properties
build.xml
resources/conf/relying-party.xml
resources/metadata/idp-metadata.xml [new file with mode: 0644]

diff --git a/build-lib/antext-04Jul2006.jar b/build-lib/antext-04Jul2006.jar
deleted file mode 100644 (file)
index 8736030..0000000
Binary files a/build-lib/antext-04Jul2006.jar and /dev/null differ
diff --git a/build-lib/antext-16Jan2008.jar b/build-lib/antext-16Jan2008.jar
new file mode 100644 (file)
index 0000000..9896852
Binary files /dev/null and b/build-lib/antext-16Jan2008.jar differ
index 26e7c4e..a844b45 100644 (file)
@@ -10,6 +10,7 @@ thirdpaty-lib.dir=${basedir}/thirdparty-lib
 resources.dir=${basedir}/resources\r
 classpathres.dir=${resources.dir}/classpath\r
 conf.dir=${resources.dir}/conf\r
+metadata.dir=${resources.dir}/metadata\r
 metainf.dir=${resources.dir}/META-INF\r
 webinf.dir=${resources.dir}/WEB-INF\r
 webpages.dir=${resources.dir}/webpages\r
@@ -41,6 +42,6 @@ webinf-temp.dir=${build.dir}/WEB-INF
 base-package.name = identityprovider\r
 version = trunk\r
 dist.dir=${basedir}/dist\r
-jar.name=${base-package.name}-${version}-jdk-${jdk.target}.jar\r
-src-dist.name=${base-package.name}-${version}-jdk-${jdk.target}-src\r
-bin-dist.name=${base-package.name}-${version}-jdk-${jdk.target}-bin
\ No newline at end of file
+jar.name=${base-package.name}-${version}.jar\r
+src-dist.name=${base-package.name}-${version}-src\r
+bin-dist.name=${base-package.name}-${version}-bin
\ No newline at end of file
index 2532af9..6dec8bf 100755 (executable)
--- a/build.xml
+++ b/build.xml
 <project name="Shibboleth Identity Provider" basedir="." default="install">
 
-       <!-- User based property file that overrides any property below -->
-       <property file="${user.name}-build.properties" />
-
-       <!-- Project based property file -->
-       <property file="build.properties" />
-
-       <!-- Installation specific property file -->
-       <property file="install.properties" />
-
-       <!-- Load ant-contrib tasks -->
-       <taskdef resource="net/sf/antcontrib/antlib.xml" />
-
-       <!-- Load Checkstyle tasks -->
-       <taskdef resource="checkstyletask.properties" />
-
-       <!-- Classpath for building core classes-->
-       <path id="build-path">
-               <fileset dir="${build-lib.dir}" includes="**/*.jar" />
-               <fileset dir="${lib.dir}" includes="**/*.jar" />
-       </path>
-
-       <!-- Classpath for testing classes-->
-       <path id="test-path">
-               <path refid="build-path" />
-               <pathelement location="${core-classes.dir}" />
-               <pathelement location="${core-src.dir}" />
-               <pathelement location="${test-classes.dir}" />
-               <pathelement location="${test-classes.dir}/data" />
-               <pathelement location="${test-classes.dir}/log4j.xml" />
-               <pathelement location="${test-src.dir}" />
-               <pathelement location="${classpathres.dir}" />
-       </path>
-
-       <!-- Prepare directory structure for build -->
-       <target name="build-init">
-               <mkdir dir="${build.dir}" />
-       </target>
-
-       <!-- Compile core (non-test) classes -->
-       <target name="compile-core" depends="build-init, clean-compile">
-               <mkdir dir="${core-prep-source.dir}" />
-               <mkdir dir="${core-classes.dir}" />
-
-               <copy todir="${core-prep-source.dir}" preservelastmodified="true">
-                       <fileset dir="${core-src.dir}" />
-                       <filterset begintoken="$" endtoken="$">
-                               <filter token="IDP_HOME" value="${idp.home}" />
-                               <filter token="IDP_VERSION" value="${version}" />
-                       </filterset>
-               </copy>
-
-               <javac srcdir="${core-prep-source.dir}" destdir="${core-classes.dir}" includes="**/*.java" debug="on" source="1.5">
-                       <classpath refid="build-path" />
-               </javac>
-
-               <delete dir="${core-prep-source.dir}" />
-               
-       </target>
-
-       <!-- Compile unit test classes -->
-       <target name="compile-test" depends="compile-core">
-               <mkdir dir="${test-classes.dir}" />
-
-               <javac srcdir="${test-src.dir}" destdir="${test-classes.dir}" includes="**/*.java" debug="on" source="1.5">
-                       <classpath refid="test-path" />
-               </javac>
-
-       </target>
-
-       <!-- Compile and run unit tests -->
-       <target name="test" depends="compile-core, compile-test" description="Runs the unit tests for the project.">
-               <mkdir dir="${test-results.dir}" />
-
-               <echo message="Excuting unit tests using endorsed directory ${java.endorsed.dirs}" />
-               <junit printsummary="off" fork="yes" forkmode="once" haltonerror="false" haltonfailure="false" dir="${basedir}" errorproperty="testFailed">
-                       <jvmarg value="-Djava.endorsed.dirs=${java.endorsed.dirs}" />
-                       <classpath refid="test-path" />
-                       <formatter type="xml" />
-                       <batchtest todir="${test-results.dir}">
-                               <fileset dir="${test-classes.dir}">
-                                       <include name="**/*Test.class" />
-                               </fileset>
-                       </batchtest>
-               </junit>
-               <junitreport todir="${test-results.dir}">
-                       <fileset dir="${test-results.dir}">
-                               <include name="TEST-*.xml" />
-                       </fileset>
-                       <report format="frames" todir="${test-report.dir}" />
-               </junitreport>
-
-               <echo message="Test report available at ${test-report.dir}/index.html" />
-               <fail if="testFailed" message="Test failure; see ${test-report.dir}/index.html for more information." />
-       </target>
-
-       <!-- Javadoc core (non-test) classes -->
-       <target name="javadoc" description="Creates the JavaDoc documentatin for the project.">
-               <mkdir dir="${javadoc.dir}" />
-               <javadoc packagenames="org.opensaml.*" sourcepath="${core-src.dir}" destdir="${javadoc.dir}" author="false" version="true" windowtitle="${ant.project.name} ${version} Java API" doctitle="${ant.project.name} ${version} Java API" bottom="${copyright}" overview="${core-src.dir}/overview.html">
-                       <classpath refid="build-path" />
-               </javadoc>
-       </target>
-
-       <!-- Removes previously compiled files -->
-       <target name="clean-compile">
-               <delete dir="${build.dir}" />
-               <delete dir="${dist.dir}" />
-       </target>
-
-       <!-- Removes all build generated content -->
-       <target name="clean" depends="clean-compile" description="Removes any artifact produced by the build process.">
-               <delete dir="${javadoc.dir}" />
-               <delete dir="${reports.dir}" />
-               <delete dir="${dist.dir}" />
-       </target>
-
-       <!-- Create JAR file -->
-       <target name="package" depends="compile-core" description="Creates the project library jar file.">
-               <mkdir dir="${dist.dir}" />
-
-               <if>
-                       <equals arg1="${jdk.target}" arg2="1.4" />
-                       <then>
-                               <java classname="com.rc.retroweaver.Weaver">
-                                       <arg value="-source" />
-                                       <arg value="${core-classes.dir}" />
-                                       <classpath>
-                                               <fileset dir="${thirdpaty-lib.dir}">
-                                                       <include name="**/*.jar" />
-                                               </fileset>
-                                       </classpath>
-                               </java>
-
-                               <echo message="**************************************************************" />
-                               <echo message="    Remember, you must include the retroweaver-rt jar" />
-                               <echo message="    file, located in the thirdparty-lib directory, along with the" />
-                               <echo message="    ${jar.name} on your" />
-                               <echo message="    classpath in order to use this with JDK 1.4" />
-                               <echo message="**************************************************************" />
-
-                       </then>
-               </if>
-
-               <jar destfile="${dist.dir}/${jar.name}" whenempty="fail">
-                       <fileset dir="${classpathres.dir}" />
-                       <zipfileset dir="${metainf.dir}" prefix="META-INF/" />
-                       <zipfileset dir="${core-classes.dir}" />
-               </jar>
-
-       </target>
-
-       <target name="install" depends="package" description="Installs the identity provider software.">
-               <mkdir dir="${idp.home}" />
-               <mkdir dir="${idp.home}/lib" />
-               <mkdir dir="${idp.home}/conf" />
-               <mkdir dir="${idp.home}/logs" />
-               <mkdir dir="${idp.home}/bin" />
-               <mkdir dir="${idp.home}/war" />
-               <mkdir dir="${idp.home}/metadata" />
+    <!-- User based property file that overrides any property below -->
+    <property file="${user.name}-build.properties" />
+
+    <!-- Project based property file -->
+    <property file="build.properties" />
+
+    <!-- Installation specific property file -->
+    <property file="install.properties" />
+
+    <!-- Load ant-contrib tasks -->
+    <taskdef resource="net/sf/antcontrib/antlib.xml" />
+
+    <!-- Load Internet2 ant extensions -->
+    <taskdef resource="edu/internet2/middleware/ant/antlib.xml" />
+
+    <!-- Load Checkstyle tasks -->
+    <taskdef resource="checkstyletask.properties" />
+
+    <!-- Classpath for building core classes-->
+    <path id="build-path">
+        <fileset dir="${build-lib.dir}" includes="**/*.jar" />
+        <fileset dir="${lib.dir}" includes="**/*.jar" />
+    </path>
+
+    <!-- Classpath for testing classes-->
+    <path id="test-path">
+        <path refid="build-path" />
+        <pathelement location="${core-classes.dir}" />
+        <pathelement location="${core-src.dir}" />
+        <pathelement location="${test-classes.dir}" />
+        <pathelement location="${test-classes.dir}/data" />
+        <pathelement location="${test-classes.dir}/log4j.xml" />
+        <pathelement location="${test-src.dir}" />
+        <pathelement location="${classpathres.dir}" />
+    </path>
+
+    <!-- Prepare directory structure for build -->
+    <target name="build-init">
+        <mkdir dir="${build.dir}" />
+    </target>
+
+    <!-- Compile core (non-test) classes -->
+    <target name="compile-core" depends="build-init, clean-compile">
+        <mkdir dir="${core-prep-source.dir}" />
+        <mkdir dir="${core-classes.dir}" />
+
+        <copy todir="${core-prep-source.dir}" preservelastmodified="true">
+            <fileset dir="${core-src.dir}" />
+            <filterset begintoken="$" endtoken="$">
+                <filter token="IDP_HOME" value="${idp.home}" />
+                <filter token="IDP_VERSION" value="${version}" />
+            </filterset>
+        </copy>
+
+        <javac srcdir="${core-prep-source.dir}"
+               destdir="${core-classes.dir}"
+               includes="**/*.java"
+               debug="on"
+               source="1.5">
+            <classpath refid="build-path" />
+        </javac>
+
+        <delete dir="${core-prep-source.dir}" />
+
+    </target>
+
+    <!-- Compile unit test classes -->
+    <target name="compile-test" depends="compile-core">
+        <mkdir dir="${test-classes.dir}" />
+
+        <javac srcdir="${test-src.dir}" destdir="${test-classes.dir}" includes="**/*.java" debug="on" source="1.5">
+            <classpath refid="test-path" />
+        </javac>
+
+    </target>
+
+    <!-- Compile and run unit tests -->
+    <target name="test" depends="compile-core, compile-test" description="Runs the unit tests for the project.">
+        <mkdir dir="${test-results.dir}" />
+
+        <echo message="Excuting unit tests using endorsed directory ${java.endorsed.dirs}" />
+        <junit printsummary="off"
+               fork="yes"
+               forkmode="once"
+               haltonerror="false"
+               haltonfailure="false"
+               dir="${basedir}"
+               errorproperty="testFailed">
+            <jvmarg value="-Djava.endorsed.dirs=${java.endorsed.dirs}" />
+            <classpath refid="test-path" />
+            <formatter type="xml" />
+            <batchtest todir="${test-results.dir}">
+                <fileset dir="${test-classes.dir}">
+                    <include name="**/*Test.class" />
+                </fileset>
+            </batchtest>
+        </junit>
+        <junitreport todir="${test-results.dir}">
+            <fileset dir="${test-results.dir}">
+                <include name="TEST-*.xml" />
+            </fileset>
+            <report format="frames" todir="${test-report.dir}" />
+        </junitreport>
+
+        <echo message="Test report available at ${test-report.dir}/index.html" />
+        <fail if="testFailed" message="Test failure; see ${test-report.dir}/index.html for more information." />
+    </target>
+
+    <!-- Javadoc core (non-test) classes -->
+    <target name="javadoc" description="Creates the JavaDoc documentatin for the project.">
+        <mkdir dir="${javadoc.dir}" />
+        <javadoc packagenames="org.opensaml.*"
+                 sourcepath="${core-src.dir}"
+                 destdir="${javadoc.dir}"
+                 author="false"
+                 version="true"
+                 windowtitle="${ant.project.name} ${version} Java API"
+                 doctitle="${ant.project.name} ${version} Java API"
+                 bottom="${copyright}"
+                 overview="${core-src.dir}/overview.html">
+            <classpath refid="build-path" />
+        </javadoc>
+    </target>
+
+    <!-- Removes previously compiled files -->
+    <target name="clean-compile">
+        <delete dir="${build.dir}" />
+        <delete dir="${dist.dir}" />
+    </target>
+
+    <!-- Removes all build generated content -->
+    <target name="clean" depends="clean-compile" description="Removes any artifact produced by the build process.">
+        <delete dir="${javadoc.dir}" />
+        <delete dir="${reports.dir}" />
+        <delete dir="${dist.dir}" />
+    </target>
+
+    <!-- Create JAR file -->
+    <target name="package" depends="compile-core" description="Creates the project library jar file.">
+        <mkdir dir="${dist.dir}" />
+
+        <if>
+            <equals arg1="${jdk.target}" arg2="1.4" />
+            <then>
+                <java classname="com.rc.retroweaver.Weaver">
+                    <arg value="-source" />
+                    <arg value="${core-classes.dir}" />
+                    <classpath>
+                        <fileset dir="${thirdpaty-lib.dir}">
+                            <include name="**/*.jar" />
+                        </fileset>
+                    </classpath>
+                </java>
+
+                <echo message="**************************************************************" />
+                <echo message="    Remember, you must include the retroweaver-rt jar" />
+                <echo message="    file, located in the thirdparty-lib directory, along with the" />
+                <echo message="    ${jar.name} on your" />
+                <echo message="    classpath in order to use this with JDK 1.4" />
+                <echo message="**************************************************************" />
+
+            </then>
+        </if>
+
+        <jar destfile="${dist.dir}/${jar.name}" whenempty="fail">
+            <fileset dir="${classpathres.dir}" />
+            <zipfileset dir="${metainf.dir}" prefix="META-INF/" />
+            <zipfileset dir="${core-classes.dir}" />
+        </jar>
+
+    </target>
+
+    <target name="install" depends="package" description="Installs the identity provider software.">
+        <input message="Where should the Shibboleth Identity Provider software be installed? [default: ${idp.home}]"
+               addproperty="idp.home.input"
+               defaultvalue="${idp.home}" />
+        <var name="idp.home" value="${idp.home.input}" />
+
+        <input message="What is the hostname of the Shibboleth Identity Provider server?" addproperty="idp.hostname" />
+
+        <mkdir dir="${idp.home}" />
+        <mkdir dir="${idp.home}/bin" />
+        <mkdir dir="${idp.home}/conf" />
         <mkdir dir="${idp.home}/credentials" />
-
-               <copy todir="${idp.home}/lib" preservelastmodified="true">
-                       <fileset dir="${lib.dir}" />
-                       <fileset file="${dist.dir}/${jar.name}" />
-                       <fileset file="${build-lib.dir}/servlet-2.4.jar" />
-               </copy>
-
-               <if>
-                       <available file="${idp.home}/conf" />
-                       <then>
-                               <mkdir dir="${idp.home}/conf.bak" />
-                               <copy todir="${idp.home}/conf.bak" preservelastmodified="true">
-                                       <fileset dir="${idp.home}/conf" />
-                               </copy>
-                       </then>
-               </if>
-
-               <copy todir="${idp.home}/conf" preservelastmodified="true" overwrite="${idp.overwrite-config}">
-                       <fileset dir="${conf.dir}" />
-                       <filterset begintoken="$" endtoken="$">
-                               <filter token="IDP_HOME" value="${idp.home}" />
-                               <filter token="IDP_VERSION" value="${version}" />
-                       </filterset>
-               </copy>
-
-               <copy todir="${idp.home}/bin" preservelastmodified="true">
-                       <fileset dir="${tools.dir}" />
-                       <filterset begintoken="$" endtoken="$">
-                               <filter token="IDP_HOME" value="${idp.home}" />
-                               <filter token="IDP_VERSION" value="${version}" />
-                       </filterset>
-               </copy>
-
-               <chmod file="${idp.home}/bin/*.sh" perm="+x" />
-
-               <copy todir="${webinf-temp.dir}">
-                       <fileset dir="${webinf.dir}" />
-                       <filterset begintoken="$" endtoken="$">
-                               <filter token="IDP_HOME" value="${idp.home}" />
-                               <filter token="IDP_VERSION" value="${version}" />
-                       </filterset>
-               </copy>
-               <jar destfile="${idp.home}/war/${war.name}" whenempty="fail">
-                       <zipfileset dir="${webinf-temp.dir}" prefix="WEB-INF/" />
-                       <zipfileset dir="${webpages.dir}" prefix="" />
-                       <zipfileset dir="${lib.dir}" prefix="WEB-INF/lib/" />
-                       <zipfileset file="${dist.dir}/${jar.name}" prefix="WEB-INF/lib/" />
-               </jar>
-
-       </target>
-
-       <!-- **************************************************************** -->
-       <!-- ***                                                          *** -->
-       <!-- ***                     Developer Tasks                      *** -->
-       <!-- ***                                                          *** -->
-       <!-- **************************************************************** -->
-
-       <!-- Checks code against style guidelines -->
-       <target name="checkstyle" description="Developer task: Produces coding standard compliance report.">
-               <mkdir dir="${reports.dir}" />
-
-               <checkstyle config="${basedir}/checkstyle.xml" failOnViolation="false" classpathref="build-path">
-                       <fileset dir="src" includes="**/*.java" />
-                       <formatter type="plain" toFile="${reports.dir}/checkstyle-report.txt" />
-               </checkstyle>
-       </target>
+        <mkdir dir="${idp.home}/lib" />
+        <mkdir dir="${idp.home}/logs" />
+        <mkdir dir="${idp.home}/metadata" />
+        <mkdir dir="${idp.home}/war" />
+
+        <var name="idp.entity.id" value="https://${idp.hostname}/shibboleth" />
+            
+        <regexSplit input="${idp.hostname}" regex="^.*\.(.*\..*$)" addproperty="idp.scope" />
+            
+        <selfSignedCert hostname="${idp.hostname}"
+                        privateKeyFile="${idp.home}/credentials/idp.key"
+                        certificateFile="${idp.home}/credentials/idp.crt" />
+        <stringFromFile input="${idp.home}/credentials/idp.crt" addProperty="idp.cert" />
+
+        <copy todir="${idp.home}/bin" preservelastmodified="true">
+            <fileset dir="${tools.dir}" />
+            <filterset begintoken="$" endtoken="$">
+                <filter token="IDP_HOME" value="${idp.home}" />
+                <filter token="IDP_VERSION" value="${version}" />
+            </filterset>
+        </copy>
+        <chmod file="${idp.home}/bin/*.sh" perm="+x" />
+
+        <if>
+            <available file="${idp.home}/conf" />
+            <then>
+                <mkdir dir="${idp.home}/conf.bak" />
+                <copy todir="${idp.home}/conf.bak" preservelastmodified="true">
+                    <fileset dir="${idp.home}/conf" />
+                </copy>
+            </then>
+        </if>
+
+        <copy todir="${idp.home}/conf" preservelastmodified="true" overwrite="${idp.overwrite-config}">
+            <fileset dir="${conf.dir}" />
+            <filterset begintoken="$" endtoken="$">
+                <filter token="IDP_HOME" value="${idp.home}" />
+                <filter token="IDP_VERSION" value="${version}" />
+                <filter token="IDP_ENTITY_ID" value="${idp.entity.id}" />
+                <filter token="IDP_SCOPE" value="${idp.scope}" />
+                <filter token="IDP_CERTIFICATE" value="${idp.cert}" />
+                <filter token="IDP_HOSTNAME" value="${idp.hostname}" />
+            </filterset>
+        </copy>
+
+        <copy todir="${idp.home}/lib" preservelastmodified="true">
+            <fileset dir="${lib.dir}" />
+            <fileset file="${dist.dir}/${jar.name}" />
+            <fileset file="${build-lib.dir}/servlet-2.4.jar" />
+        </copy>
+
+        <copy todir="${idp.home}/metadata" preservelastmodified="true" overwrite="${idp.overwrite-config}">
+            <fileset dir="${metadata.dir}" />
+            <filterset begintoken="$" endtoken="$">
+                <filter token="IDP_ENTITY_ID" value="${idp.entity.id}" />
+                <filter token="IDP_SCOPE" value="${idp.scope}" />
+                <filter token="IDP_CERTIFICATE" value="${idp.cert}" />
+                <filter token="IDP_HOSTNAME" value="${idp.hostname}" />
+            </filterset>
+        </copy>
+
+        <copy todir="${webinf-temp.dir}">
+            <fileset dir="${webinf.dir}" />
+            <filterset begintoken="$" endtoken="$">
+                <filter token="IDP_HOME" value="${idp.home}" />
+                <filter token="IDP_VERSION" value="${version}" />
+            </filterset>
+        </copy>
+        <jar destfile="${idp.home}/war/${war.name}" whenempty="fail">
+            <zipfileset dir="${webinf-temp.dir}" prefix="WEB-INF/" />
+            <zipfileset dir="${webpages.dir}" prefix="" />
+            <zipfileset dir="${lib.dir}" prefix="WEB-INF/lib/" />
+            <zipfileset file="${dist.dir}/${jar.name}" prefix="WEB-INF/lib/" />
+        </jar>
+
+    </target>
+
+    <!-- **************************************************************** -->
+    <!-- ***                                                          *** -->
+    <!-- ***                     Developer Tasks                      *** -->
+    <!-- ***                                                          *** -->
+    <!-- **************************************************************** -->
+
+    <!-- Checks code against style guidelines -->
+    <target name="checkstyle" description="Developer task: Produces coding standard compliance report.">
+        <mkdir dir="${reports.dir}" />
+
+        <checkstyle config="${basedir}/checkstyle.xml" failOnViolation="false" classpathref="build-path">
+            <fileset dir="src" includes="**/*.java" />
+            <formatter type="plain" toFile="${reports.dir}/checkstyle-report.txt" />
+        </checkstyle>
+    </target>
 
 </project>
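Review bot: The new `install` target writes the IdP signing key to `${idp.home}/credentials/idp.key` through `selfSignedCert` and never restricts access to it; the only `chmod` in the target is the `+x` on `bin/*.sh`. Unless the task sets file modes itself (it is in the antext jar, so that is not visible here), the key is left with the installing user's default umask; I would add `<chmod file="${idp.home}/credentials/idp.key" perm="600" />` right after the `stringFromFile` line. `selfSignedCert` also runs unconditionally on every install, while the `conf` and `metadata` copies honour `idp.overwrite-config`. If the task replaces an existing key, a re-install would leave the previously copied metadata carrying the old certificate, so wrapping the call in an `<available file="${idp.home}/credentials/idp.key" />` check, like the one used for `conf.bak`, would be safer. The `idp.hostname` prompt has no default and no validation, so an empty answer flows straight into `idp.entity.id` as `https:///shibboleth`.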
index 131d359..85074ec 100644 (file)
@@ -25,9 +25,9 @@
     <!-- ========================================== -->
     <!--      Relying Party Configurations          -->
     <!-- ========================================== -->
-    <AnonymousRelyingParty provider="http://example.org/IdP" />
+    <AnonymousRelyingParty provider="$IDP_ENTITY_ID$" />
     
-    <DefaultRelyingParty provider="http://example.org/IdP"
+    <DefaultRelyingParty provider="$IDP_ENTITY_ID$"
                          defaultSigningCredentialRef="IdPCredential">
         <ProfileConfiguration xsi:type="saml:ShibbolethSSOProfile" />
         <ProfileConfiguration xsi:type="saml:SAML1AttributeQueryProfile" />
@@ -63,6 +63,9 @@
                           metadataFile="$IDP_HOME$/metadata/somefile.xml" maintainExpiredMetadata="true" />
         -->
         
+        <!--  IDP's Metadata -->
+        <MetadataProvider id="FSMD" xsi:type="FilesystemMetadataProvider" xmlns="urn:mace:shibboleth:2.0:metadata"
+                          metadataFile="$IDP_HOME$/metadata/idp-metadata.xml" maintainExpiredMetadata="true" />
     </MetadataProvider>
 
     
diff --git a/resources/metadata/idp-metadata.xml b/resources/metadata/idp-metadata.xml
new file mode 100644 (file)
index 0000000..1da7ff8
--- /dev/null
@@ -0,0 +1,76 @@
+<EntityDescriptor entityID="$IDP_ENTITY_ID$"
+                  xmlns="urn:oasis:names:tc:SAML:2.0:metadata"
+                  xmlns:ds="http://www.w3.org/2000/09/xmldsig#"
+                  xmlns:shibmd="urn:mace:shibboleth:metadata:1.0"
+                  xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
+
+    <IDPSSODescriptor protocolSupportEnumeration="urn:mace:shibboleth:1.0 urn:oasis:names:tc:SAML:1.1:protocol urn:oasis:names:tc:SAML:2.0:protocol">
+
+        <Extensions>
+            <shibmd:Scope regexp="false">$IDP_SCOPE$</shibmd:Scope>
+        </Extensions>
+
+        <KeyDescriptor>
+            <ds:KeyInfo>
+                <ds:X509Data>
+                    <ds:X509Certificate>
+$IDP_CERTIFICATE$
+                    </ds:X509Certificate>
+                </ds:X509Data>
+            </ds:KeyInfo>
+
+        </KeyDescriptor>
+
+        <NameIDFormat>urn:mace:shibboleth:1.0:nameIdentifier</NameIDFormat>
+        <NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:transient</NameIDFormat>
+        
+        <ArtifactResolutionService Binding="urn:oasis:names:tc:SAML:1.0:bindings:SOAP-binding"
+                                   Location="https://$IDP_HOSTNAME$/idp/profile/SAML1/SOAP/ArtifactResolution" 
+                                   index="1"/>
+
+        <ArtifactResolutionService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP"
+                                   Location="https://$IDP_HOSTNAME$/idp/profile/SAML2/SOAP/ArtifactResolution" 
+                                   index="2"/>
+
+        <SingleSignOnService Binding="urn:mace:shibboleth:1.0:profiles:AuthnRequest" 
+                             Location="https://$IDP_HOSTNAME$/idp/profile/Shibboleth/SSO" />
+
+        
+        <SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" 
+                             Location="https://$IDP_HOSTNAME$/idp/profile/SAML2/POST/SSO" />
+
+        <SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST-SimpleSign" 
+                             Location="https://$IDP_HOSTNAME$/idp/profile/SAML2/POST-SimpleSign/SSO" />
+        
+        <SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" 
+                             Location="https://$IDP_HOSTNAME$/idp/profile/SAML2/Redirect/SSO" />
+    </IDPSSODescriptor>
+
+    <AttributeAuthorityDescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol urn:oasis:names:tc:SAML:2.0:protocol">
+
+        <Extensions>
+            <shibmd:Scope regexp="false">$IDP_SCOPE$</shibmd:Scope>
+        </Extensions>
+
+        <KeyDescriptor>
+            <ds:KeyInfo>
+                <ds:X509Data>
+
+                    <ds:X509Certificate>
+$IDP_CERTIFICATE$
+                    </ds:X509Certificate>
+                </ds:X509Data>
+            </ds:KeyInfo>
+        </KeyDescriptor>
+
+        <AttributeService Binding="urn:oasis:names:tc:SAML:1.0:bindings:SOAP-binding" 
+                          Location="https://$IDP_HOSTNAME$/idp/profile/SAML1/SOAP/AttributeQuery" />
+        
+        <AttributeService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP"
+                          Location="https://$IDP_HOSTNAME$/idp/profile/SAML2/SOAP/AttributeQuery" />
+        
+        <NameIDFormat>urn:mace:shibboleth:1.0:nameIdentifier</NameIDFormat>
+        <NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:transient</NameIDFormat>    
+    </AttributeAuthorityDescriptor>
+    
+</EntityDescriptor>
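Review bot: Both `shibmd:Scope` elements are filled from `$IDP_SCOPE$`, which build.xml derives from the hostname with `^.*\.(.*\..*$)`, and that derivation can produce a scope wider than the organisation's own domain. The leading `.*` is greedy, so only the last two labels are kept: a host under a multi-label suffix (constructed example: `idp.example.ac.uk`) would get the scope `ac.uk`. A hostname with fewer than two dots does not match at all, and what `regexSplit` does then is not visible in this commit. Relying parties that filter scoped attributes against this metadata would then accept values for domains this IdP does not control. I would ask the installer to confirm the scope, using the derived value only as the default, e.g. `<input message="What scope should the IdP assert?" addproperty="idp.scope.input" defaultvalue="${idp.scope}" />`, and fail the install when the result is empty.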