</exclusion>
</exclusions>
</dependency>
- </dependencies>
+ <!-- Managed Dependencies -->
+ <dependency>
+ <groupId>javax.servlet</groupId>
+ <artifactId>servlet-api</artifactId>
+ </dependency>
+ <dependency>
+ <groupId>javax.servlet.jsp</groupId>
+ <artifactId>jsp-api</artifactId>
+ </dependency>
+ <dependency>
+ <groupId>${xerces.groupId}</groupId>
+ <artifactId>xml-apis</artifactId>
+ </dependency>
+ <dependency>
+ <groupId>${xerces.groupId}</groupId>
+ <artifactId>xercesImpl</artifactId>
+ </dependency>
+ <dependency>
+ <groupId>${xerces.groupId}</groupId>
+ <artifactId>serializer</artifactId>
+ </dependency>
+ <dependency>
+ <groupId>xml-resolver</groupId>
+ <artifactId>xml-resolver</artifactId>
+ </dependency>
+ <dependency>
+ <groupId>${xalan.groupId}</groupId>
+ <artifactId>xalan</artifactId>
+ </dependency>
+ <dependency>
+ <groupId>xmlunit</groupId>
+ <artifactId>xmlunit</artifactId>
+ </dependency>
+ </dependencies>
+ <distributionManagement>
+ <repository>
+ <id>release</id>
+ <url>${dist.release.url}</url>
+ </repository>
+ <snapshotRepository>
+ <id>snapshot</id>
+ <url>${dist.release.url}</url>
+ </snapshotRepository>
+ </distributionManagement>
<build>
<plugins>
<ph:RequestPath>/SAML2/Redirect/SSO</ph:RequestPath>
</ph:ProfileHandler>
+ <ph:ProfileHandler xsi:type="ph:SAML2SLO"
+ inboundBinding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect"
+ outboundBindingEnumeration="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect">
+ <ph:RequestPath>/SAML2/Redirect/SLO</ph:RequestPath>
+ </ph:ProfileHandler>
+
+ <ph:ProfileHandler xsi:type="ph:SAML2SLO"
+ inboundBinding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST"
+ outboundBindingEnumeration="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST">
+ <ph:RequestPath>/SAML2/POST/SLO</ph:RequestPath>
+ </ph:ProfileHandler>
+
+ <ph:ProfileHandler xsi:type="ph:SAML2SLO"
+ inboundBinding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP"
+ outboundBindingEnumeration="urn:oasis:names:tc:SAML:2.0:bindings:SOAP">
+ <ph:RequestPath>/SAML2/SOAP/SLO</ph:RequestPath>
+ </ph:ProfileHandler>
+
- <ph:ProfileHandler xsi:type="ph:SAML2SSO"
- inboundBinding="urn:mace:shibboleth:2.0:profiles:AuthnRequest"
- outboundBindingEnumeration="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST-SimpleSign
- urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST
- urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact">
-
- <ph:ProfileHandler xsi:type="ph:SAML2SSO" inboundBinding="urn:mace:shibboleth:2.0:profiles:AuthnRequest" outboundBindingEnumeration="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST-SimpleSign urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact">
+ <ph:ProfileHandler xsi:type="ph:SAML2SSO" inboundBinding="urn:mace:shibboleth:2.0:profiles:AuthnRequest"
+ outboundBindingEnumeration="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST-SimpleSign
+ urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST
+ urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact">
<ph:RequestPath>/SAML2/Unsolicited/SSO</ph:RequestPath>
</ph:ProfileHandler>
</ph:ProfileHandler>
<!-- Login Handlers -->
-- <ph:LoginHandler xsi:type="ph:RemoteUser">
++ <!-- <ph:LoginHandler xsi:type="ph:RemoteUser">
<ph:AuthenticationMethod>urn:oasis:names:tc:SAML:2.0:ac:classes:unspecified</ph:AuthenticationMethod>
-- </ph:LoginHandler>
++ </ph:LoginHandler>-->
<!-- Login handler that delegates the act of authentication to an external system. -->
<!-- This login handler and the RemoteUser login handler will be merged in the next major release. -->
</ph:LoginHandler>
-->
-- <!-- Username/password login handler -->
-- <!--
++ <!-- Username/password login handler -->
<ph:LoginHandler xsi:type="ph:UsernamePassword"
jaasConfigurationLocation="file://$IDP_HOME$/conf/login.config">
<ph:AuthenticationMethod>urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport</ph:AuthenticationMethod>
</ph:LoginHandler>
-- -->
++
<!--
Removal of this login handler will disable SSO support, that is it will require the user to authenticate
We list them here so that people are aware of them (since they seem reluctant to
read the documentation).
-->
- <rp:ProfileConfiguration xsi:type="saml:ShibbolethSSOProfile" includeAttributeStatement="false" assertionLifetime="PT5M" signResponses="conditional" signAssertions="never"/>
+ <rp:ProfileConfiguration xsi:type="saml:ShibbolethSSOProfile" includeAttributeStatement="false"
+ assertionLifetime="PT5M" signResponses="conditional" signAssertions="never"/>
- <rp:ProfileConfiguration xsi:type="saml:SAML1AttributeQueryProfile" assertionLifetime="PT5M" signResponses="conditional" signAssertions="never"/>
+ <rp:ProfileConfiguration xsi:type="saml:SAML1AttributeQueryProfile" assertionLifetime="PT5M"
+ signResponses="conditional" signAssertions="never"/>
- <rp:ProfileConfiguration xsi:type="saml:SAML1ArtifactResolutionProfile" signResponses="conditional" signAssertions="never"/>
+ <rp:ProfileConfiguration xsi:type="saml:SAML1ArtifactResolutionProfile" signResponses="conditional"
+ signAssertions="never"/>
- <rp:ProfileConfiguration xsi:type="saml:SAML2SSOProfile" includeAttributeStatement="true" assertionLifetime="PT5M" assertionProxyCount="0" signResponses="never" signAssertions="always" encryptAssertions="conditional" encryptNameIds="never"/>
+ <rp:ProfileConfiguration xsi:type="saml:SAML2SSOProfile" includeAttributeStatement="true"
+ assertionLifetime="PT5M" assertionProxyCount="0"
+ signResponses="never" signAssertions="always"
+ encryptAssertions="conditional" encryptNameIds="never"/>
- <rp:ProfileConfiguration xsi:type="saml:SAML2ECPProfile" includeAttributeStatement="true" assertionLifetime="PT5M" assertionProxyCount="0" signResponses="never" signAssertions="always" encryptAssertions="conditional" encryptNameIds="never"/>
+ <rp:ProfileConfiguration xsi:type="saml:SAML2ECPProfile" includeAttributeStatement="true"
+ assertionLifetime="PT5M" assertionProxyCount="0"
+ signResponses="never" signAssertions="always"
+ encryptAssertions="conditional" encryptNameIds="never"/>
- <rp:ProfileConfiguration xsi:type="saml:SAML2AttributeQueryProfile" assertionLifetime="PT5M" assertionProxyCount="0" signResponses="conditional" signAssertions="never" encryptAssertions="conditional" encryptNameIds="never"/>
+ <rp:ProfileConfiguration xsi:type="saml:SAML2AttributeQueryProfile"
+ assertionLifetime="PT5M" assertionProxyCount="0"
+ signResponses="conditional" signAssertions="never"
+ encryptAssertions="conditional" encryptNameIds="never"/>
<rp:ProfileConfiguration xsi:type="saml:SAML2ArtifactResolutionProfile"
- signResponses="never" signAssertions="always"
- encryptAssertions="conditional" encryptNameIds="never"/>
+ signResponses="never"
+ signAssertions="always"
+ encryptAssertions="conditional"
+ encryptNameIds="never"/>
+
+ <rp:ProfileConfiguration xsi:type="saml:SAML2LogoutRequestProfile"
+ signResponses="always"
+ signAssertions="never"
+ encryptAssertions="never"
- encryptNameIds="conditional" />
- <rp:ProfileConfiguration xsi:type="saml:SAML2ArtifactResolutionProfile" signResponses="never" signAssertions="always" encryptAssertions="conditional" encryptNameIds="never"/>
++ encryptNameIds="never"
++ frontChannelResponseTimeout="20000"
++ backChannelConnectionPoolTimeout="2000"
++ backChannelConnectionTimeout="2000"
++ backChannelResponseTimeout="5000" />
</rp:DefaultRelyingParty>
</AttributeAuthorityDescriptor>
- <<<<<<< HEAD
-</EntityDescriptor>
+</EntityDescriptor>
- =======
- </EntityDescriptor>
- >>>>>>> master