Configuration and metadata template added for SLO.
authorAdam Lantos <hege@playma.org>
Mon, 10 Aug 2009 12:58:43 +0000 (14:58 +0200)
committerAdam Lantos <hege@playma.org>
Mon, 10 Aug 2009 12:58:43 +0000 (14:58 +0200)
src/installer/resources/conf-tmpl/handler.xml
src/installer/resources/conf-tmpl/relying-party.xml
src/installer/resources/metadata-tmpl/idp-metadata.xml
src/main/webapp/WEB-INF/web.xml

index a6a8c72..b9d3ad1 100644 (file)
                                                 urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact">
         <RequestPath>/SAML2/Redirect/SSO</RequestPath>
     </ProfileHandler>
+
+    <ProfileHandler xsi:type="SAML2SLO" 
+                    inboundBinding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect"
+                    outboundBindingEnumeration="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect">
+        <RequestPath>/SAML2/Redirect/SLO</RequestPath>
+    </ProfileHandler>
+
+    <ProfileHandler xsi:type="SAML2SLO" 
+                    inboundBinding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST"
+                    outboundBindingEnumeration="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST">
+        <RequestPath>/SAML2/POST/SLO</RequestPath>
+    </ProfileHandler>
+
+    <ProfileHandler xsi:type="SAML2SLO" 
+                    inboundBinding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP"
+                    outboundBindingEnumeration="urn:oasis:names:tc:SAML:2.0:bindings:SOAP">
+        <RequestPath>/SAML2/SOAP/SLO</RequestPath>
+    </ProfileHandler>
     
     <ProfileHandler xsi:type="SAML2AttributeQuery"
                     inboundBinding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP"
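Review bot: The three new `SAML2SLO` handlers are added without any comment, and nothing in this hunk shows how an inbound LogoutRequest on the Redirect and POST endpoints is authenticated. A logout request that is accepted without a verified signature could end a user's sessions on behalf of a party that is not the named issuer. The relying-party.xml change in this commit adds only a profile configuration, so please confirm that a security policy requiring signed logout messages covers this profile type. I would also put a comment above the first handler, for example `<!-- SAML 2 Single Logout endpoints. RequestPath values must match the SingleLogoutService Locations in idp-metadata.xml. -->`. The parent element of these handlers starts and ends outside the hunk.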
index ed94237..71963a6 100644 (file)
                               signAssertions="never"
                               encryptAssertions="conditional"
                               encryptNameIds="never"/>
+
+         <ProfileConfiguration xsi:type="saml:SAML2LogoutRequestProfile"
+                              signResponses="always"
+                              signAssertions="never"
+                              encryptAssertions="never"
+                              encryptNameIds="conditional" />
         
     </DefaultRelyingParty>
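Review bot: `signAssertions="never"` and `encryptAssertions="never"` on the `saml:SAML2LogoutRequestProfile` configuration look copied from the profile above it. Logout messages carry no assertions, so these two attributes presumably have no effect here and may mislead a deployer about what is protected. If the schema requires them, add a comment such as `<!-- Logout messages contain no assertions; signResponses and encryptNameIds are the settings that apply to SLO. -->`. The block also sets only `signResponses`, so it is not visible whether LogoutRequests that the IdP itself sends to other session participants are signed. That should be set explicitly rather than left to a default, if the profile type offers such a setting.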
         
index 28f7608..14d98e5 100644 (file)
@@ -27,6 +27,17 @@ $IDP_CERTIFICATE$
         <ArtifactResolutionService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP"
                                    Location="https://$IDP_HOSTNAME$:8443/idp/profile/SAML2/SOAP/ArtifactResolution" 
                                    index="2"/>
+        
+        <SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" 
+                             Location="https://$IDP_HOSTNAME$/idp/profile/SAML2/Redirect/SLO" 
+                             ResponseLocation="https://$IDP_HOSTNAME$/idp/profile/SAML2/Redirect/SLO"/>
+        
+        <SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" 
+                             Location="https://$IDP_HOSTNAME$/idp/profile/SAML2/POST/SLO" 
+                             ResponseLocation="https://$IDP_HOSTNAME$/idp/profile/SAML2/POST/SLO"/>
+        
+        <SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" 
+                             Location="https://$IDP_HOSTNAME$:8443/idp/profile/SAML2/SOAP/SLO" />
                                    
         <NameIDFormat>urn:mace:shibboleth:1.0:nameIdentifier</NameIDFormat>
         <NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:transient</NameIDFormat>
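Review bot: The new `SingleLogoutService` entries advertise the Redirect and POST endpoints on the default HTTPS port and the SOAP endpoint on `:8443`, but the template does not say why they differ. The `:8443` choice matches the existing `ArtifactResolutionService` line and is presumably the back-channel connector. A SOAP LogoutRequest is processed without any user interaction, so it is worth confirming that this connector authenticates the calling SP or that the SLO profile requires a signed request. I would add a comment above the block, for example `<!-- Single Logout endpoints; paths must match the SAML2SLO RequestPath entries in handler.xml. The SOAP endpoint uses the back-channel port. -->`. The enclosing descriptor element starts and ends outside the hunk.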
@@ -71,4 +82,4 @@ $IDP_CERTIFICATE$
         
     </AttributeAuthorityDescriptor>
     
-</EntityDescriptor>    
\ No newline at end of file
+</EntityDescriptor>    
index f361135..4f995ac 100644 (file)
     </filter-mapping>
     <filter-mapping>
         <filter-name>SLOContextFilter</filter-name>
+        <url-pattern>/profile/SAML2/POST/SLO</url-pattern>
+    </filter-mapping>
+    <filter-mapping>
+        <filter-name>SLOContextFilter</filter-name>
         <url-pattern>/SLOServlet</url-pattern>
         <dispatcher>REQUEST</dispatcher>
         <dispatcher>FORWARD</dispatcher>
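Review bot: The new `SLOContextFilter` mapping for `/profile/SAML2/POST/SLO` has no `<dispatcher>` elements, so it applies to REQUEST dispatches only, while the `/SLOServlet` mapping below it lists both REQUEST and FORWARD. If the POST endpoint is ever reached through a forward, the filter will not run there. Either add `<dispatcher>REQUEST</dispatcher>` and `<dispatcher>FORWARD</dispatcher>` to the new mapping or add a comment saying REQUEST-only is intended. Only the POST path is mapped in the visible lines. The mapping that closes at the top of the hunk may cover `/profile/SAML2/Redirect/SLO`, but `/profile/SAML2/SOAP/SLO` should be checked too, since all three endpoints are published in the metadata template. The `/SLOServlet` mapping continues past the end of the hunk.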
     </login-config>
 -->
 
-</web-app>
\ No newline at end of file
+</web-app>