
Test 3.3.3

montee_version
Teddy Cornaut 1 year ago
parent
commit
35be99a990
100 changed files with 0 additions and 5243 deletions
  1. 0
    0
      src/.gitkeep
  2. BIN
      src/shibboleth-identity-provider-3.2.1/bin/lib/idp-installer-3.2.1.jar
  3. 0
    32
      src/shibboleth-identity-provider-3.2.1/conf/access-control.xml
  4. 0
    295
      src/shibboleth-identity-provider-3.2.1/conf/attribute-resolver-full.xml
  5. 0
    97
      src/shibboleth-identity-provider-3.2.1/conf/attribute-resolver-ldap.xml
  6. 0
    95
      src/shibboleth-identity-provider-3.2.1/conf/attribute-resolver.xml
  7. 0
    103
      src/shibboleth-identity-provider-3.2.1/conf/audit.xml
  8. 0
    53
      src/shibboleth-identity-provider-3.2.1/conf/cas-protocol.xml
  9. 0
    32
      src/shibboleth-identity-provider-3.2.1/dist/conf/access-control.xml.dist
  10. 0
    295
      src/shibboleth-identity-provider-3.2.1/dist/conf/attribute-resolver-full.xml.dist
  11. 0
    97
      src/shibboleth-identity-provider-3.2.1/dist/conf/attribute-resolver-ldap.xml.dist
  12. 0
    95
      src/shibboleth-identity-provider-3.2.1/dist/conf/attribute-resolver.xml.dist
  13. 0
    103
      src/shibboleth-identity-provider-3.2.1/dist/conf/audit.xml.dist
  14. 0
    53
      src/shibboleth-identity-provider-3.2.1/dist/conf/cas-protocol.xml.dist
  15. 0
    73
      src/shibboleth-identity-provider-3.2.1/dist/messages/authn-messages.properties.dist
  16. 0
    77
      src/shibboleth-identity-provider-3.2.1/dist/messages/consent-messages.properties.dist
  17. 0
    119
      src/shibboleth-identity-provider-3.2.1/dist/messages/error-messages.properties.dist
  18. 0
    47
      src/shibboleth-identity-provider-3.2.1/dist/views/resolvertest.vm.dist
  19. 0
    61
      src/shibboleth-identity-provider-3.2.1/embedded/jetty-base/etc/jetty-deploy.xml
  20. 0
    24
      src/shibboleth-identity-provider-3.2.1/embedded/jetty-base/etc/jetty-requestlog.xml
  21. 0
    343
      src/shibboleth-identity-provider-3.2.1/embedded/jetty-base/etc/jetty.xml
  22. BIN
      src/shibboleth-identity-provider-3.2.1/embedded/jetty-base/lib/ext/jetty9-dta-ssl-1.0.0.jar
  23. BIN
      src/shibboleth-identity-provider-3.2.1/embedded/jetty-base/lib/logging/jcl-over-slf4j-1.7.12.jar
  24. BIN
      src/shibboleth-identity-provider-3.2.1/embedded/jetty-base/lib/logging/logback-access-1.1.3.jar
  25. BIN
      src/shibboleth-identity-provider-3.2.1/embedded/jetty-base/lib/logging/logback-classic-1.1.3.jar
  26. BIN
      src/shibboleth-identity-provider-3.2.1/embedded/jetty-base/lib/logging/logback-core-1.1.3.jar
  27. 0
    14
      src/shibboleth-identity-provider-3.2.1/embedded/jetty-base/resources/logback-access.xml
  28. 0
    21
      src/shibboleth-identity-provider-3.2.1/embedded/jetty-base/resources/logback.xml
  29. 0
    49
      src/shibboleth-identity-provider-3.2.1/embedded/jetty-base/start.d/idp.ini
  30. 0
    15
      src/shibboleth-identity-provider-3.2.1/embedded/jetty-base/start.d/jsp.ini
  31. 0
    9
      src/shibboleth-identity-provider-3.2.1/embedded/jetty-base/start.d/jstl.ini
  32. 0
    125
      src/shibboleth-identity-provider-3.2.1/embedded/jetty-base/start.ini
  33. 0
    38
      src/shibboleth-identity-provider-3.2.1/embedded/jetty-base/webapps/idp.xml
  34. 0
    17
      src/shibboleth-identity-provider-3.2.1/embedded/jetty-base/webapps/static.xml
  35. 0
    73
      src/shibboleth-identity-provider-3.2.1/messages/authn-messages.properties
  36. 0
    77
      src/shibboleth-identity-provider-3.2.1/messages/consent-messages.properties
  37. 0
    119
      src/shibboleth-identity-provider-3.2.1/messages/error-messages.properties
  38. 0
    20
      src/shibboleth-identity-provider-3.2.1/system/conf/cas-protocol-system.xml
  39. 0
    167
      src/shibboleth-identity-provider-3.2.1/system/conf/webflow-config.xml
  40. 0
    39
      src/shibboleth-identity-provider-3.2.1/system/flows/admin/admin-abstract-beans.xml
  41. 0
    61
      src/shibboleth-identity-provider-3.2.1/system/flows/admin/admin-abstract-flow.xml
  42. 0
    45
      src/shibboleth-identity-provider-3.2.1/system/flows/c14n/subject-c14n-saml-flow.xml
  43. BIN
      src/shibboleth-identity-provider-3.2.1/webapp/WEB-INF/lib/aopalliance-1.0.jar
  44. BIN
      src/shibboleth-identity-provider-3.2.1/webapp/WEB-INF/lib/commons-collections-3.2.1.jar
  45. BIN
      src/shibboleth-identity-provider-3.2.1/webapp/WEB-INF/lib/cryptacular-1.0.jar
  46. BIN
      src/shibboleth-identity-provider-3.2.1/webapp/WEB-INF/lib/guava-18.0.jar
  47. BIN
      src/shibboleth-identity-provider-3.2.1/webapp/WEB-INF/lib/idp-attribute-api-3.2.1.jar
  48. BIN
      src/shibboleth-identity-provider-3.2.1/webapp/WEB-INF/lib/idp-attribute-filter-api-3.2.1.jar
  49. BIN
      src/shibboleth-identity-provider-3.2.1/webapp/WEB-INF/lib/idp-attribute-filter-impl-3.2.1.jar
  50. BIN
      src/shibboleth-identity-provider-3.2.1/webapp/WEB-INF/lib/idp-attribute-filter-spring-3.2.1.jar
  51. BIN
      src/shibboleth-identity-provider-3.2.1/webapp/WEB-INF/lib/idp-attribute-resolver-api-3.2.1.jar
  52. BIN
      src/shibboleth-identity-provider-3.2.1/webapp/WEB-INF/lib/idp-attribute-resolver-impl-3.2.1.jar
  53. BIN
      src/shibboleth-identity-provider-3.2.1/webapp/WEB-INF/lib/idp-attribute-resolver-spring-3.2.1.jar
  54. BIN
      src/shibboleth-identity-provider-3.2.1/webapp/WEB-INF/lib/idp-authn-api-3.2.1.jar
  55. BIN
      src/shibboleth-identity-provider-3.2.1/webapp/WEB-INF/lib/idp-authn-impl-3.2.1.jar
  56. BIN
      src/shibboleth-identity-provider-3.2.1/webapp/WEB-INF/lib/idp-cas-api-3.2.1.jar
  57. BIN
      src/shibboleth-identity-provider-3.2.1/webapp/WEB-INF/lib/idp-cas-impl-3.2.1.jar
  58. BIN
      src/shibboleth-identity-provider-3.2.1/webapp/WEB-INF/lib/idp-consent-api-3.2.1.jar
  59. BIN
      src/shibboleth-identity-provider-3.2.1/webapp/WEB-INF/lib/idp-core-3.2.1.jar
  60. BIN
      src/shibboleth-identity-provider-3.2.1/webapp/WEB-INF/lib/idp-profile-api-3.2.1.jar
  61. BIN
      src/shibboleth-identity-provider-3.2.1/webapp/WEB-INF/lib/idp-profile-impl-3.2.1.jar
  62. BIN
      src/shibboleth-identity-provider-3.2.1/webapp/WEB-INF/lib/idp-profile-spring-3.2.1.jar
  63. BIN
      src/shibboleth-identity-provider-3.2.1/webapp/WEB-INF/lib/idp-saml-api-3.2.1.jar
  64. BIN
      src/shibboleth-identity-provider-3.2.1/webapp/WEB-INF/lib/idp-saml-impl-3.2.1.jar
  65. BIN
      src/shibboleth-identity-provider-3.2.1/webapp/WEB-INF/lib/idp-schema-3.2.1.jar
  66. BIN
      src/shibboleth-identity-provider-3.2.1/webapp/WEB-INF/lib/idp-session-api-3.2.1.jar
  67. BIN
      src/shibboleth-identity-provider-3.2.1/webapp/WEB-INF/lib/idp-session-impl-3.2.1.jar
  68. BIN
      src/shibboleth-identity-provider-3.2.1/webapp/WEB-INF/lib/idp-ui-3.2.1.jar
  69. BIN
      src/shibboleth-identity-provider-3.2.1/webapp/WEB-INF/lib/opensaml-core-3.2.0.jar
  70. BIN
      src/shibboleth-identity-provider-3.2.1/webapp/WEB-INF/lib/opensaml-messaging-api-3.2.0.jar
  71. BIN
      src/shibboleth-identity-provider-3.2.1/webapp/WEB-INF/lib/opensaml-messaging-impl-3.2.0.jar
  72. BIN
      src/shibboleth-identity-provider-3.2.1/webapp/WEB-INF/lib/opensaml-profile-api-3.2.0.jar
  73. BIN
      src/shibboleth-identity-provider-3.2.1/webapp/WEB-INF/lib/opensaml-profile-impl-3.2.0.jar
  74. BIN
      src/shibboleth-identity-provider-3.2.1/webapp/WEB-INF/lib/opensaml-saml-api-3.2.0.jar
  75. BIN
      src/shibboleth-identity-provider-3.2.1/webapp/WEB-INF/lib/opensaml-saml-impl-3.2.0.jar
  76. BIN
      src/shibboleth-identity-provider-3.2.1/webapp/WEB-INF/lib/opensaml-security-api-3.2.0.jar
  77. BIN
      src/shibboleth-identity-provider-3.2.1/webapp/WEB-INF/lib/opensaml-security-impl-3.2.0.jar
  78. BIN
      src/shibboleth-identity-provider-3.2.1/webapp/WEB-INF/lib/opensaml-soap-api-3.2.0.jar
  79. BIN
      src/shibboleth-identity-provider-3.2.1/webapp/WEB-INF/lib/opensaml-soap-impl-3.2.0.jar
  80. BIN
      src/shibboleth-identity-provider-3.2.1/webapp/WEB-INF/lib/opensaml-storage-api-3.2.0.jar
  81. BIN
      src/shibboleth-identity-provider-3.2.1/webapp/WEB-INF/lib/opensaml-storage-impl-3.2.0.jar
  82. BIN
      src/shibboleth-identity-provider-3.2.1/webapp/WEB-INF/lib/opensaml-xmlsec-api-3.2.0.jar
  83. BIN
      src/shibboleth-identity-provider-3.2.1/webapp/WEB-INF/lib/opensaml-xmlsec-impl-3.2.0.jar
  84. BIN
      src/shibboleth-identity-provider-3.2.1/webapp/WEB-INF/lib/spring-aop-4.2.3.RELEASE.jar
  85. BIN
      src/shibboleth-identity-provider-3.2.1/webapp/WEB-INF/lib/spring-beans-4.2.3.RELEASE.jar
  86. BIN
      src/shibboleth-identity-provider-3.2.1/webapp/WEB-INF/lib/spring-context-4.2.3.RELEASE.jar
  87. BIN
      src/shibboleth-identity-provider-3.2.1/webapp/WEB-INF/lib/spring-core-4.2.3.RELEASE.jar
  88. BIN
      src/shibboleth-identity-provider-3.2.1/webapp/WEB-INF/lib/spring-expression-4.2.3.RELEASE.jar
  89. BIN
      src/shibboleth-identity-provider-3.2.1/webapp/WEB-INF/lib/spring-extensions-5.2.0.jar
  90. BIN
      src/shibboleth-identity-provider-3.2.1/webapp/WEB-INF/lib/spring-jdbc-4.2.3.RELEASE.jar
  91. BIN
      src/shibboleth-identity-provider-3.2.1/webapp/WEB-INF/lib/spring-orm-4.2.3.RELEASE.jar
  92. BIN
      src/shibboleth-identity-provider-3.2.1/webapp/WEB-INF/lib/spring-web-4.2.3.RELEASE.jar
  93. BIN
      src/shibboleth-identity-provider-3.2.1/webapp/WEB-INF/lib/spring-webmvc-4.2.3.RELEASE.jar
  94. BIN
      src/shibboleth-identity-provider-3.2.1/webapp/css/BebasNeue-webfont.eot
  95. 0
    1936
      src/shibboleth-identity-provider-3.2.1/webapp/css/BebasNeue-webfont.svg
  96. BIN
      src/shibboleth-identity-provider-3.2.1/webapp/css/BebasNeue-webfont.ttf
  97. BIN
      src/shibboleth-identity-provider-3.2.1/webapp/css/BebasNeue-webfont.woff
  98. 0
    10
      src/shibboleth-identity-provider-3.2.1/webapp/css/bootstrap.min.css
  99. 0
    314
      src/shibboleth-identity-provider-3.2.1/webapp/css/login.css
  100. 0
    0
      src/shibboleth-identity-provider-3.2.1/webapp/css/oswald-bold-webfont.eot

+ 0
- 0
src/.gitkeep View File


BIN
src/shibboleth-identity-provider-3.2.1/bin/lib/idp-installer-3.2.1.jar View File


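--- a/src/shibboleth-identity-provider-3.2.1/conf/access-control.xml
+++ b/src/shibboleth-identity-provider-3.2.1/conf/access-control.xml
@@ -1,32 +0,0 @@
-<?xml version="1.0" encoding="UTF-8"?>
-<beans xmlns="http://www.springframework.org/schema/beans"
-       xmlns:context="http://www.springframework.org/schema/context"
-       xmlns:util="http://www.springframework.org/schema/util"
-       xmlns:p="http://www.springframework.org/schema/p"
-       xmlns:c="http://www.springframework.org/schema/c"
-       xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
-       xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans.xsd
-                           http://www.springframework.org/schema/context http://www.springframework.org/schema/context/spring-context.xsd
-                           http://www.springframework.org/schema/util http://www.springframework.org/schema/util/spring-util.xsd"
-                           
-       default-init-method="initialize"
-       default-destroy-method="destroy">
-
-    <!-- Map of access control policies used to limit access to administrative functions. -->
-
-    <!--
-    The only built-in implementation of the AccessControl interface is IP-based, as below.
-    The ranges provided MUST be CIDR network expressions. To specify a single address,
-    add "/32" or "/128" for IPv4 or IPv6 respectively.
-    -->
-
-    <util:map id="shibboleth.AccessControlPolicies">
-    
-        <entry key="AccessByIPAddress">
-            <bean parent="shibboleth.IPRangeAccessControl"
-                p:allowedRanges="#{ {'127.0.0.1/32', '::1/128'} }" />
-        </entry>
-    
-    </util:map>
-
-</beans>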

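--- a/src/shibboleth-identity-provider-3.2.1/conf/attribute-resolver-full.xml
+++ b/src/shibboleth-identity-provider-3.2.1/conf/attribute-resolver-full.xml
@@ -1,295 +0,0 @@
-<?xml version="1.0" encoding="UTF-8"?>
-<!-- 
-    This file is an EXAMPLE configuration file containing lots of commented
-    example attributes, encoders, and a couple of example data connectors.
-    
-    Not all attribute definitions or data connectors are demonstrated, but
-    a variety of LDAP attributes, some common to Shibboleth deployments and
-    many not, are included.
-    
-    Deployers should refer to the Shibboleth 2 documentation for a complete
-    list of components  and their options.
--->
-<resolver:AttributeResolver
-        xmlns:resolver="urn:mace:shibboleth:2.0:resolver"
-        xmlns:pc="urn:mace:shibboleth:2.0:resolver:pc"
-        xmlns:ad="urn:mace:shibboleth:2.0:resolver:ad"
-        xmlns:dc="urn:mace:shibboleth:2.0:resolver:dc"
-        xmlns:enc="urn:mace:shibboleth:2.0:attribute:encoder"
-        xmlns:sec="urn:mace:shibboleth:2.0:security"
-        xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
-        xsi:schemaLocation="urn:mace:shibboleth:2.0:resolver http://shibboleth.net/schema/idp/shibboleth-attribute-resolver.xsd
-                            urn:mace:shibboleth:2.0:resolver:pc http://shibboleth.net/schema/idp/shibboleth-attribute-resolver-pc.xsd
-                            urn:mace:shibboleth:2.0:resolver:ad http://shibboleth.net/schema/idp/shibboleth-attribute-resolver-ad.xsd
-                            urn:mace:shibboleth:2.0:resolver:dc http://shibboleth.net/schema/idp/shibboleth-attribute-resolver-dc.xsd
-                            urn:mace:shibboleth:2.0:attribute:encoder http://shibboleth.net/schema/idp/shibboleth-attribute-encoder.xsd
-                            urn:mace:shibboleth:2.0:security http://shibboleth.net/schema/idp/shibboleth-security.xsd">
-
-    <!-- ========================================== -->
-    <!--      Attribute Definitions                 -->
-    <!-- ========================================== -->
-
-    <!-- Schema: Core schema attributes-->
-    <!--
-    <resolver:AttributeDefinition xsi:type="ad:Simple" id="uid" sourceAttributeID="uid">
-        <resolver:Dependency ref="myLDAP" />
-        <resolver:AttributeEncoder xsi:type="enc:SAML1String" name="urn:mace:dir:attribute-def:uid" encodeType="false" />
-        <resolver:AttributeEncoder xsi:type="enc:SAML2String" name="urn:oid:0.9.2342.19200300.100.1.1" friendlyName="uid" encodeType="false" />
-    </resolver:AttributeDefinition>
-
-    <resolver:AttributeDefinition xsi:type="ad:Simple" id="mail" sourceAttributeID="mail">
-        <resolver:Dependency ref="myLDAP" />
-        <resolver:AttributeEncoder xsi:type="enc:SAML1String" name="urn:mace:dir:attribute-def:mail" encodeType="false" />
-        <resolver:AttributeEncoder xsi:type="enc:SAML2String" name="urn:oid:0.9.2342.19200300.100.1.3" friendlyName="mail" encodeType="false" />
-    </resolver:AttributeDefinition>
-
-    <resolver:AttributeDefinition xsi:type="ad:Simple" id="homePhone" sourceAttributeID="homePhone">
-        <resolver:Dependency ref="myLDAP" />
-        <resolver:AttributeEncoder xsi:type="enc:SAML1String" name="urn:mace:dir:attribute-def:homePhone" encodeType="false" />
-        <resolver:AttributeEncoder xsi:type="enc:SAML2String" name="urn:oid:0.9.2342.19200300.100.1.20" friendlyName="homePhone" encodeType="false" />
-    </resolver:AttributeDefinition>
-
-    <resolver:AttributeDefinition xsi:type="ad:Simple" id="homePostalAddress" sourceAttributeID="homePostalAddress">
-        <resolver:Dependency ref="myLDAP" />
-        <resolver:AttributeEncoder xsi:type="enc:SAML1String" name="urn:mace:dir:attribute-def:homePostalAddress" encodeType="false" />
-        <resolver:AttributeEncoder xsi:type="enc:SAML2String" name="urn:oid:0.9.2342.19200300.100.1.39" friendlyName="homePostalAddress" encodeType="false" />
-    </resolver:AttributeDefinition>
-
-    <resolver:AttributeDefinition xsi:type="ad:Simple" id="mobileNumber" sourceAttributeID="mobile">
-        <resolver:Dependency ref="myLDAP" />
-        <resolver:AttributeEncoder xsi:type="enc:SAML1String" name="urn:mace:dir:attribute-def:mobile" encodeType="false" />
-        <resolver:AttributeEncoder xsi:type="enc:SAML2String" name="urn:oid:0.9.2342.19200300.100.1.41" friendlyName="mobile" encodeType="false" />
-    </resolver:AttributeDefinition>
-
-    <resolver:AttributeDefinition xsi:type="ad:Simple" id="pagerNumber" sourceAttributeID="pager">
-        <resolver:Dependency ref="myLDAP" />
-        <resolver:AttributeEncoder xsi:type="enc:SAML1String" name="urn:mace:dir:attribute-def:pager" encodeType="false" />
-        <resolver:AttributeEncoder xsi:type="enc:SAML2String" name="urn:oid:0.9.2342.19200300.100.1.42" friendlyName="pager" encodeType="false" />
-    </resolver:AttributeDefinition>
-
-    <resolver:AttributeDefinition xsi:type="ad:Simple" id="surname" sourceAttributeID="sn">
-        <resolver:Dependency ref="myLDAP" />
-        <resolver:AttributeEncoder xsi:type="enc:SAML1String" name="urn:mace:dir:attribute-def:sn" encodeType="false" />
-        <resolver:AttributeEncoder xsi:type="enc:SAML2String" name="urn:oid:2.5.4.4" friendlyName="sn" encodeType="false" />
-    </resolver:AttributeDefinition>
-
-    <resolver:AttributeDefinition xsi:type="ad:Simple" id="locality" sourceAttributeID="l">
-        <resolver:Dependency ref="myLDAP" />
-        <resolver:AttributeEncoder xsi:type="enc:SAML1String" name="urn:mace:dir:attribute-def:l" encodeType="false" />
-        <resolver:AttributeEncoder xsi:type="enc:SAML2String" name="urn:oid:2.5.4.7" friendlyName="l" encodeType="false" />
-    </resolver:AttributeDefinition>
-
-    <resolver:AttributeDefinition xsi:type="ad:Simple" id="stateProvince" sourceAttributeID="st">
-        <resolver:Dependency ref="myLDAP" />
-        <resolver:AttributeEncoder xsi:type="enc:SAML1String" name="urn:mace:dir:attribute-def:st" encodeType="false" />
-        <resolver:AttributeEncoder xsi:type="enc:SAML2String" name="urn:oid:2.5.4.8" friendlyName="st" encodeType="false" />
-    </resolver:AttributeDefinition>
-
-    <resolver:AttributeDefinition xsi:type="ad:Simple" id="street" sourceAttributeID="street">
-        <resolver:Dependency ref="myLDAP" />
-        <resolver:AttributeEncoder xsi:type="enc:SAML1String" name="urn:mace:dir:attribute-def:street" encodeType="false" />
-        <resolver:AttributeEncoder xsi:type="enc:SAML2String" name="urn:oid:2.5.4.9" friendlyName="street" encodeType="false" />
-    </resolver:AttributeDefinition>
-
-    <resolver:AttributeDefinition xsi:type="ad:Simple" id="organizationName" sourceAttributeID="o">
-        <resolver:Dependency ref="myLDAP" />
-        <resolver:AttributeEncoder xsi:type="enc:SAML1String" name="urn:mace:dir:attribute-def:o" encodeType="false" />
-        <resolver:AttributeEncoder xsi:type="enc:SAML2String" name="urn:oid:2.5.4.10" friendlyName="o" encodeType="false" />
-    </resolver:AttributeDefinition>
-
-    <resolver:AttributeDefinition xsi:type="ad:Simple" id="organizationalUnit" sourceAttributeID="ou">
-        <resolver:Dependency ref="myLDAP" />
-        <resolver:AttributeEncoder xsi:type="enc:SAML1String" name="urn:mace:dir:attribute-def:ou" encodeType="false" />
-        <resolver:AttributeEncoder xsi:type="enc:SAML2String" name="urn:oid:2.5.4.11" friendlyName="ou" encodeType="false" />
-    </resolver:AttributeDefinition>
-
-    <resolver:AttributeDefinition xsi:type="ad:Simple" id="title" sourceAttributeID="title">
-        <resolver:Dependency ref="myLDAP" />
-        <resolver:AttributeEncoder xsi:type="enc:SAML1String" name="urn:mace:dir:attribute-def:title" encodeType="false" />
-        <resolver:AttributeEncoder xsi:type="enc:SAML2String" name="urn:oid:2.5.4.12" friendlyName="title" encodeType="false" />
-    </resolver:AttributeDefinition>
-
-    <resolver:AttributeDefinition xsi:type="ad:Simple" id="postalAddress" sourceAttributeID="postalAddress">
-        <resolver:Dependency ref="myLDAP" />
-        <resolver:AttributeEncoder xsi:type="enc:SAML1String" name="urn:mace:dir:attribute-def:postalAddress" encodeType="false" />
-        <resolver:AttributeEncoder xsi:type="enc:SAML2String" name="urn:oid:2.5.4.16" friendlyName="postalAddress" encodeType="false" />
-    </resolver:AttributeDefinition>
-
-    <resolver:AttributeDefinition xsi:type="ad:Simple" id="postalCode" sourceAttributeID="postalCode">
-        <resolver:Dependency ref="myLDAP" />
-        <resolver:AttributeEncoder xsi:type="enc:SAML1String" name="urn:mace:dir:attribute-def:postalCode" encodeType="false" />
-        <resolver:AttributeEncoder xsi:type="enc:SAML2String" name="urn:oid:2.5.4.17" friendlyName="postalCode" encodeType="false" />
-    </resolver:AttributeDefinition>
-
-    <resolver:AttributeDefinition xsi:type="ad:Simple" id="postOfficeBox" sourceAttributeID="postOfficeBox">
-        <resolver:Dependency ref="myLDAP" />
-        <resolver:AttributeEncoder xsi:type="enc:SAML1String" name="urn:mace:dir:attribute-def:postOfficeBox" encodeType="false" />
-        <resolver:AttributeEncoder xsi:type="enc:SAML2String" name="urn:oid:2.5.4.18" friendlyName="postOfficeBox" encodeType="false" />
-    </resolver:AttributeDefinition>
-
-    <resolver:AttributeDefinition xsi:type="ad:Simple" id="telephoneNumber" sourceAttributeID="telephoneNumber">
-        <resolver:Dependency ref="myLDAP" />
-        <resolver:AttributeEncoder xsi:type="enc:SAML1String" name="urn:mace:dir:attribute-def:telephoneNumber" encodeType="false" />
-        <resolver:AttributeEncoder xsi:type="enc:SAML2String" name="urn:oid:2.5.4.20" friendlyName="telephoneNumber" encodeType="false" />
-    </resolver:AttributeDefinition>
-
-    <resolver:AttributeDefinition xsi:type="ad:Simple" id="givenName" sourceAttributeID="givenName">
-        <resolver:Dependency ref="myLDAP" />
-        <resolver:AttributeEncoder xsi:type="enc:SAML1String" name="urn:mace:dir:attribute-def:givenName" encodeType="false" />
-        <resolver:AttributeEncoder xsi:type="enc:SAML2String" name="urn:oid:2.5.4.42" friendlyName="givenName" encodeType="false" />
-    </resolver:AttributeDefinition>
-
-    <resolver:AttributeDefinition xsi:type="ad:Simple" id="initials" sourceAttributeID="initials">
-        <resolver:Dependency ref="myLDAP" />
-        <resolver:AttributeEncoder xsi:type="enc:SAML1String" name="urn:mace:dir:attribute-def:initials" encodeType="false" />
-        <resolver:AttributeEncoder xsi:type="enc:SAML2String" name="urn:oid:2.5.4.43" friendlyName="initials" encodeType="false" />
-    </resolver:AttributeDefinition>
-     -->
-
-    <!-- Schema: inetOrgPerson attributes-->
-    <!--
-    <resolver:AttributeDefinition xsi:type="ad:Simple" id="departmentNumber" sourceAttributeID="departmentNumber">
-        <resolver:Dependency ref="myLDAP" />
-        <resolver:AttributeEncoder xsi:type="enc:SAML1String" name="urn:mace:dir:attribute-def:departmentNumber" encodeType="false" />
-        <resolver:AttributeEncoder xsi:type="enc:SAML2String" name="urn:oid:2.16.840.1.113730.3.1.2" friendlyName="departmentNumber" encodeType="false" />
-    </resolver:AttributeDefinition>
-    
-    <resolver:AttributeDefinition xsi:type="ad:Simple" id="displayName" sourceAttributeID="displayName">
-        <resolver:Dependency ref="myLDAP" />
-        <resolver:AttributeEncoder xsi:type="enc:SAML1String" name="urn:mace:dir:attribute-def:displayName" encodeType="false" />
-        <resolver:AttributeEncoder xsi:type="enc:SAML2String" name="urn:oid:2.16.840.1.113730.3.1.241" friendlyName="displayName" encodeType="false" />
-    </resolver:AttributeDefinition> 
-
-    <resolver:AttributeDefinition xsi:type="ad:Simple" id="employeeNumber" sourceAttributeID="employeeNumber">
-        <resolver:Dependency ref="myLDAP" />
-        <resolver:AttributeEncoder xsi:type="enc:SAML1String" name="urn:mace:dir:attribute-def:employeeNumber" encodeType="false" />
-        <resolver:AttributeEncoder xsi:type="enc:SAML2String" name="urn:oid:2.16.840.1.113730.3.1.3" friendlyName="employeeNumber" encodeType="false" />
-    </resolver:AttributeDefinition>
-
-    <resolver:AttributeDefinition xsi:type="ad:Simple" id="employeeType" sourceAttributeID="employeeType">
-        <resolver:Dependency ref="myLDAP" />
-        <resolver:AttributeEncoder xsi:type="enc:SAML1String" name="urn:mace:dir:attribute-def:employeeType" encodeType="false" />
-        <resolver:AttributeEncoder xsi:type="enc:SAML2String" name="urn:oid:2.16.840.1.113730.3.1.4" friendlyName="employeeType" encodeType="false" />
-    </resolver:AttributeDefinition>
-
-    <resolver:AttributeDefinition xsi:type="ad:Simple" id="jpegPhoto" sourceAttributeID="jpegPhoto">
-        <resolver:Dependency ref="myLDAP" />
-        <resolver:AttributeEncoder xsi:type="enc:SAML1String" name="urn:mace:dir:attribute-def:jpegPhoto" encodeType="false" />
-        <resolver:AttributeEncoder xsi:type="enc:SAML2String" name="urn:oid:0.9.2342.19200300.100.1.60" friendlyName="jpegPhoto" encodeType="false" />
-    </resolver:AttributeDefinition>
-
-    <resolver:AttributeDefinition xsi:type="ad:Simple" id="preferredLanguage" sourceAttributeID="preferredLanguage">
-        <resolver:Dependency ref="myLDAP" />
-        <resolver:AttributeEncoder xsi:type="enc:SAML1String" name="urn:mace:dir:attribute-def:preferredLanguage" encodeType="false" />
-        <resolver:AttributeEncoder xsi:type="enc:SAML2String" name="urn:oid:2.16.840.1.113730.3.1.39" friendlyName="preferredLanguage" encodeType="false" />
-    </resolver:AttributeDefinition>
-    -->
-
-    <!-- Schema: eduPerson attributes -->
-    <!--
-    <resolver:AttributeDefinition xsi:type="ad:Simple" id="eduPersonAffiliation" sourceAttributeID="eduPersonAffiliation">
-        <resolver:Dependency ref="myLDAP" />
-        <resolver:AttributeEncoder xsi:type="enc:SAML1String" name="urn:mace:dir:attribute-def:eduPersonAffiliation" encodeType="false" />
-        <resolver:AttributeEncoder xsi:type="enc:SAML2String" name="urn:oid:1.3.6.1.4.1.5923.1.1.1.1" friendlyName="eduPersonAffiliation" encodeType="false" />
-    </resolver:AttributeDefinition>
-
-    <resolver:AttributeDefinition xsi:type="ad:Simple" id="eduPersonEntitlement" sourceAttributeID="eduPersonEntitlement">
-        <resolver:Dependency ref="myLDAP" />
-        <resolver:AttributeEncoder xsi:type="enc:SAML1String" name="urn:mace:dir:attribute-def:eduPersonEntitlement" encodeType="false" />
-        <resolver:AttributeEncoder xsi:type="enc:SAML2String" name="urn:oid:1.3.6.1.4.1.5923.1.1.1.7" friendlyName="eduPersonEntitlement" encodeType="false" />
-    </resolver:AttributeDefinition>
-
-    <resolver:AttributeDefinition xsi:type="ad:Simple" id="eduPersonNickname" sourceAttributeID="eduPersonNickname">
-        <resolver:Dependency ref="myLDAP" />
-        <resolver:AttributeEncoder xsi:type="enc:SAML1String" name="urn:mace:dir:attribute-def:eduPersonNickname" encodeType="false" />
-        <resolver:AttributeEncoder xsi:type="enc:SAML2String" name="urn:oid:1.3.6.1.4.1.5923.1.1.1.2" friendlyName="eduPersonNickname" encodeType="false" />
-    </resolver:AttributeDefinition>
-
-    <resolver:AttributeDefinition xsi:type="ad:Simple" id="eduPersonPrimaryAffiliation" sourceAttributeID="eduPersonPrimaryAffiliation">
-        <resolver:Dependency ref="myLDAP" />
-        <resolver:AttributeEncoder xsi:type="enc:SAML1String" name="urn:mace:dir:attribute-def:eduPersonPrimaryAffiliation" encodeType="false" />
-        <resolver:AttributeEncoder xsi:type="enc:SAML2String" name="urn:oid:1.3.6.1.4.1.5923.1.1.1.5" friendlyName="eduPersonPrimaryAffiliation" encodeType="false" />
-    </resolver:AttributeDefinition>
-
-    <resolver:AttributeDefinition xsi:type="ad:Scoped" id="eduPersonUniqueId" scope="%{idp.scope}" sourceAttributeID="localUniqueId">
-        <resolver:Dependency ref="myLDAP" />
-        <resolver:AttributeEncoder xsi:type="enc:SAML1ScopedString" name="urn:oid:1.3.6.1.4.1.5923.1.1.1.13" encodeType="false" />
-        <resolver:AttributeEncoder xsi:type="enc:SAML2ScopedString" name="urn:oid:1.3.6.1.4.1.5923.1.1.1.13" friendlyName="eduPersonUniqueId" encodeType="false" />
-    </resolver:AttributeDefinition>
-
-    <resolver:AttributeDefinition xsi:type="ad:Prescoped" id="eduPersonPrincipalName" sourceAttributeID="eduPersonPrincipalName">
-        <resolver:Dependency ref="myLDAP" />
-        <resolver:AttributeEncoder xsi:type="enc:SAML1ScopedString" name="urn:mace:dir:attribute-def:eduPersonPrincipalName" encodeType="false" />
-        <resolver:AttributeEncoder xsi:type="enc:SAML2ScopedString" name="urn:oid:1.3.6.1.4.1.5923.1.1.1.6" friendlyName="eduPersonPrincipalName" encodeType="false" />
-    </resolver:AttributeDefinition>
-
-    <resolver:AttributeDefinition xsi:type="ad:Prescoped" id="eduPersonPrincipalNamePrior" sourceAttributeID="eduPersonPrincipalNamePrior">
-        <resolver:Dependency ref="myLDAP" />
-        <resolver:AttributeEncoder xsi:type="enc:SAML1ScopedString" name="urn:oid:1.3.6.1.4.1.5923.1.1.1.12" encodeType="false" />
-        <resolver:AttributeEncoder xsi:type="enc:SAML2ScopedString" name="urn:oid:1.3.6.1.4.1.5923.1.1.1.12" friendlyName="eduPersonPrincipalNamePrior" encodeType="false" />
-    </resolver:AttributeDefinition>
-
-    <resolver:AttributeDefinition xsi:type="ad:Scoped" id="eduPersonScopedAffiliation" scope="%{idp.scope}" sourceAttributeID="eduPersonAffiliation">
-        <resolver:Dependency ref="myLDAP" />
-        <resolver:AttributeEncoder xsi:type="enc:SAML1ScopedString" name="urn:mace:dir:attribute-def:eduPersonScopedAffiliation" encodeType="false" />
-        <resolver:AttributeEncoder xsi:type="enc:SAML2ScopedString" name="urn:oid:1.3.6.1.4.1.5923.1.1.1.9" friendlyName="eduPersonScopedAffiliation" encodeType="false" />
-    </resolver:AttributeDefinition>
-    
-    <resolver:AttributeDefinition xsi:type="ad:Simple" id="eduPersonAssurance" sourceAttributeID="eduPersonAssurance">
-        <resolver:Dependency ref="myLDAP" />
-        <resolver:AttributeEncoder xsi:type="enc:SAML1String" name="urn:mace:dir:attribute-def:eduPersonAssurance" encodeType="false" />
-        <resolver:AttributeEncoder xsi:type="enc:SAML2String" name="urn:oid:1.3.6.1.4.1.5923.1.1.1.11" friendlyName="eduPersonAssurance" encodeType="false" />
-    </resolver:AttributeDefinition>
-    -->
-
-    <!-- ========================================== -->
-    <!--      Data Connectors                       -->
-    <!-- ========================================== -->
-
-    <!-- Example Static Connector -->
-    <!--
-    <resolver:DataConnector id="staticAttributes" xsi:type="dc:Static">
-        <dc:Attribute id="eduPersonAffiliation">
-            <dc:Value>member</dc:Value>
-        </dc:Attribute>
-    </resolver:DataConnector>
-    -->
-
-    <!-- Example Relational Database Connector -->
-    <!--
-    <resolver:DataConnector id="mySIS" xsi:type="dc:RelationalDatabase">
-        <dc:ApplicationManagedConnection jdbcDriver="oracle.jdbc.driver.OracleDriver"
-                                         jdbcURL="jdbc:oracle:thin:@db.example.org:1521:SomeDB" 
-                                         jdbcUserName="myid" 
-                                         jdbcPassword="mypassword" />
-        <dc:QueryTemplate>
-            <![CDATA[
-                SELECT * FROM student WHERE gzbtpid = '$resolutionContext.principal'
-            ]]>
-        </dc:QueryTemplate>
-
-        <dc:Column columnName="gzbtpid" attributeID="uid" />
-        <dc:Column columnName="fqlft" attributeID="gpa" />
-    </resolver:DataConnector>
-     -->
-
-    <!-- Example LDAP Connector -->
-    <!--
-    <resolver:DataConnector id="myLDAP" xsi:type="dc:LDAPDirectory"
-        ldapURL="%{idp.attribute.resolver.LDAP.ldapURL}"
-        baseDN="%{idp.attribute.resolver.LDAP.baseDN}" 
-        principal="%{idp.attribute.resolver.LDAP.bindDN}"
-        principalCredential="%{idp.attribute.resolver.LDAP.bindDNCredential}"
-        useStartTLS="%{idp.attribute.resolver.LDAP.useStartTLS:true}">
-        <dc:FilterTemplate>
-            <![CDATA[
-                %{idp.attribute.resolver.LDAP.searchFilter}
-            ]]>
-        </dc:FilterTemplate>
-        <dc:StartTLSTrustCredential id="LDAPtoIdPCredential" xsi:type="sec:X509ResourceBacked">
-            <sec:Certificate>%{idp.attribute.resolver.LDAP.trustCertificates}</sec:Certificate>
-        </dc:StartTLSTrustCredential>
-    </resolver:DataConnector>
-    -->
-
-</resolver:AttributeResolver>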

+ 0
- 97
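--- a/src/shibboleth-identity-provider-3.2.1/conf/attribute-resolver-ldap.xml
+++ b/src/shibboleth-identity-provider-3.2.1/conf/attribute-resolver-ldap.xml
@@ -1,97 +0,0 @@
-<?xml version="1.0" encoding="UTF-8"?>
-<!-- 
-    This file is an EXAMPLE configuration file. While the configuration
-    presented in this example file is semi-functional, it isn't very
-    interesting. It is here only as a starting point for your deployment
-    process.
-    
-    Very few attribute definitions and data connectors are demonstrated,
-    and use of LDAP is assumed, with the LDAP configuration primarily
-    supplied from the ldap.properties file.
-
-    Attribute-resolver-full.xml contains more examples of attributes,
-    encoders, and data connectors. Deployers should refer to the Shibboleth
-    documentation for a complete list of components and their options.
--->
-<resolver:AttributeResolver
-        xmlns:resolver="urn:mace:shibboleth:2.0:resolver" 
-        xmlns:pc="urn:mace:shibboleth:2.0:resolver:pc"
-        xmlns:ad="urn:mace:shibboleth:2.0:resolver:ad" 
-        xmlns:dc="urn:mace:shibboleth:2.0:resolver:dc"
-        xmlns:enc="urn:mace:shibboleth:2.0:attribute:encoder" 
-        xmlns:sec="urn:mace:shibboleth:2.0:security"
-        xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" 
-        xsi:schemaLocation="urn:mace:shibboleth:2.0:resolver http://shibboleth.net/schema/idp/shibboleth-attribute-resolver.xsd
-                            urn:mace:shibboleth:2.0:resolver:pc http://shibboleth.net/schema/idp/shibboleth-attribute-resolver-pc.xsd
-                            urn:mace:shibboleth:2.0:resolver:ad http://shibboleth.net/schema/idp/shibboleth-attribute-resolver-ad.xsd
-                            urn:mace:shibboleth:2.0:resolver:dc http://shibboleth.net/schema/idp/shibboleth-attribute-resolver-dc.xsd
-                            urn:mace:shibboleth:2.0:attribute:encoder http://shibboleth.net/schema/idp/shibboleth-attribute-encoder.xsd
-                            urn:mace:shibboleth:2.0:security http://shibboleth.net/schema/idp/shibboleth-security.xsd">
-
-    <!-- ========================================== -->
-    <!--      Attribute Definitions                 -->
-    <!-- ========================================== -->
-
-    <!--
-    The EPPN is the "standard" federated username in higher ed.
-    For guidelines on the implementation of this attribute, refer
-    to the Shibboleth and eduPerson documentation. Above all, do
-    not expose a value for this attribute without considering the
-    long term implications. 
-    -->
-    <resolver:AttributeDefinition id="eduPersonPrincipalName" xsi:type="ad:Prescoped" sourceAttributeID="eduPersonPrincipalName">
-        <resolver:Dependency ref="myLDAP" />
-        <resolver:AttributeEncoder xsi:type="enc:SAML1ScopedString" name="urn:mace:dir:attribute-def:eduPersonPrincipalName" encodeType="false" />
-        <resolver:AttributeEncoder xsi:type="enc:SAML2ScopedString" name="urn:oid:1.3.6.1.4.1.5923.1.1.1.6" friendlyName="eduPersonPrincipalName" encodeType="false" />
-    </resolver:AttributeDefinition>
-
-    <!--
-    The uid is the closest thing to a "standard" LDAP attribute
-    representing a local username, but you should generally *never*
-    expose uid to federated services, as it is rarely globally unique.
-    -->
-    <resolver:AttributeDefinition id="uid" xsi:type="ad:Simple" sourceAttributeID="uid">
-        <resolver:Dependency ref="myLDAP" />
-        <resolver:AttributeEncoder xsi:type="enc:SAML1String" name="urn:mace:dir:attribute-def:uid" encodeType="false" />
-        <resolver:AttributeEncoder xsi:type="enc:SAML2String" name="urn:oid:0.9.2342.19200300.100.1.1" friendlyName="uid" encodeType="false" />
-    </resolver:AttributeDefinition>
-
-    <!--
-    In the rest of the world, the email address is the standard identifier,
-    despite the problems with that practice. Consider making the EPPN value
-    the same as your official email addresses whenever possible.
-    -->
-    <resolver:AttributeDefinition id="mail" xsi:type="ad:Simple" sourceAttributeID="mail">
-        <resolver:Dependency ref="myLDAP" />
-        <resolver:AttributeEncoder xsi:type="enc:SAML1String" name="urn:mace:dir:attribute-def:mail" encodeType="false" />
-        <resolver:AttributeEncoder xsi:type="enc:SAML2String" name="urn:oid:0.9.2342.19200300.100.1.3" friendlyName="mail" encodeType="false" />
-    </resolver:AttributeDefinition>
-        
-    <!-- ========================================== -->
-    <!--      Data Connectors                       -->
-    <!-- ========================================== -->
-    
-    <!--
-    Example LDAP Connector
-    
-    The connectivity details can be specified in ldap.properties to
-    share them with your authentication settings if desired.
-    -->
-    <resolver:DataConnector id="myLDAP" xsi:type="dc:LDAPDirectory"
-        ldapURL="%{idp.attribute.resolver.LDAP.ldapURL}"
-        baseDN="%{idp.attribute.resolver.LDAP.baseDN}" 
-        principal="%{idp.attribute.resolver.LDAP.bindDN}"
-        principalCredential="%{idp.attribute.resolver.LDAP.bindDNCredential}"
-        useStartTLS="%{idp.attribute.resolver.LDAP.useStartTLS:true}">
-        <dc:FilterTemplate>
-            <![CDATA[
-                %{idp.attribute.resolver.LDAP.searchFilter}
-            ]]>
-        </dc:FilterTemplate>
-        <dc:ReturnAttributes>%{idp.attribute.resolver.LDAP.returnAttributes}</dc:ReturnAttributes>
-        <dc:StartTLSTrustCredential id="LDAPtoIdPCredential" xsi:type="sec:X509ResourceBacked">
-            <sec:Certificate>%{idp.attribute.resolver.LDAP.trustCertificates}</sec:Certificate>
-        </dc:StartTLSTrustCredential>
-    </resolver:DataConnector>
-
-</resolver:AttributeResolver>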

+ 0
- 95
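--- a/src/shibboleth-identity-provider-3.2.1/conf/attribute-resolver.xml
+++ b/src/shibboleth-identity-provider-3.2.1/conf/attribute-resolver.xml
@@ -1,95 +0,0 @@
-<?xml version="1.0" encoding="UTF-8"?>
-<!-- 
-    This file is an EXAMPLE configuration file. While the configuration
-    presented in this example file is semi-functional, it isn't very
-    interesting. It is here only as a starting point for your deployment
-    process.
-    
-    Very few attribute definitions and data connectors are demonstrated,
-    and the data is derived statically from the logged-in username and a
-    static example connector.
-
-    Attribute-resolver-full.xml contains more examples of attributes,
-    encoders, and data connectors. Deployers should refer to the Shibboleth
-    documentation for a complete list of components and their options.
--->
-<resolver:AttributeResolver
-        xmlns:resolver="urn:mace:shibboleth:2.0:resolver" 
-        xmlns:pc="urn:mace:shibboleth:2.0:resolver:pc"
-        xmlns:ad="urn:mace:shibboleth:2.0:resolver:ad" 
-        xmlns:dc="urn:mace:shibboleth:2.0:resolver:dc"
-        xmlns:enc="urn:mace:shibboleth:2.0:attribute:encoder" 
-        xmlns:sec="urn:mace:shibboleth:2.0:security"
-        xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" 
-        xsi:schemaLocation="urn:mace:shibboleth:2.0:resolver http://shibboleth.net/schema/idp/shibboleth-attribute-resolver.xsd
-                            urn:mace:shibboleth:2.0:resolver:pc http://shibboleth.net/schema/idp/shibboleth-attribute-resolver-pc.xsd
-                            urn:mace:shibboleth:2.0:resolver:ad http://shibboleth.net/schema/idp/shibboleth-attribute-resolver-ad.xsd
-                            urn:mace:shibboleth:2.0:resolver:dc http://shibboleth.net/schema/idp/shibboleth-attribute-resolver-dc.xsd
-                            urn:mace:shibboleth:2.0:attribute:encoder http://shibboleth.net/schema/idp/shibboleth-attribute-encoder.xsd
-                            urn:mace:shibboleth:2.0:security http://shibboleth.net/schema/idp/shibboleth-security.xsd">
-
-    <!-- ========================================== -->
-    <!--      Attribute Definitions                 -->
-    <!-- ========================================== -->
-
-    <!--
-    The EPPN is the "standard" federated username in higher ed.
-    For guidelines on the implementation of this attribute, refer
-    to the Shibboleth and eduPerson documentation. Above all, do
-    not expose a value for this attribute without considering the
-    long term implications. 
-    -->
-    <resolver:AttributeDefinition id="eduPersonPrincipalName" xsi:type="ad:Scoped" scope="%{idp.scope}" sourceAttributeID="uid">
-        <resolver:Dependency ref="uid" />
-        <resolver:AttributeEncoder xsi:type="enc:SAML1ScopedString" name="urn:mace:dir:attribute-def:eduPersonPrincipalName" encodeType="false" />
-        <resolver:AttributeEncoder xsi:type="enc:SAML2ScopedString" name="urn:oid:1.3.6.1.4.1.5923.1.1.1.6" friendlyName="eduPersonPrincipalName" encodeType="false" />
-    </resolver:AttributeDefinition>
-
-    <!--
-    The uid is the closest thing to a "standard" LDAP attribute
-    representing a local username, but you should generally *never*
-    expose uid to federated services, as it is rarely globally unique.
-    -->
-    <resolver:AttributeDefinition id="uid" xsi:type="ad:PrincipalName">
-        <resolver:AttributeEncoder xsi:type="enc:SAML1String" name="urn:mace:dir:attribute-def:uid" encodeType="false" />
-        <resolver:AttributeEncoder xsi:type="enc:SAML2String" name="urn:oid:0.9.2342.19200300.100.1.1" friendlyName="uid" encodeType="false" />
-    </resolver:AttributeDefinition>
-
-    <!--
-    In the rest of the world, the email address is the standard identifier,
-    despite the problems with that practice. Consider making the EPPN
-    value the same as your official email addresses whenever possible.
-    -->
-    <resolver:AttributeDefinition id="mail" xsi:type="ad:Template">
-        <resolver:Dependency ref="uid" />
-        <resolver:AttributeEncoder xsi:type="enc:SAML1String" name="urn:mace:dir:attribute-def:mail" encodeType="false" />
-        <resolver:AttributeEncoder xsi:type="enc:SAML2String" name="urn:oid:0.9.2342.19200300.100.1.3" friendlyName="mail" encodeType="false" />
-        <ad:Template>
-          <![CDATA[
-               ${uid}@example.org
-          ]]>
-        </ad:Template>
-        <ad:SourceAttribute>uid</ad:SourceAttribute>
-    </resolver:AttributeDefinition>
-
-    <!--
-    This is an example of an attribute sourced from a data connector.
-    -->
-    <resolver:AttributeDefinition id="eduPersonScopedAffiliation" xsi:type="ad:Scoped" scope="%{idp.scope}" sourceAttributeID="affiliation">
-        <resolver:Dependency ref="staticAttributes" />
-        <resolver:AttributeEncoder xsi:type="enc:SAML1ScopedString" name="urn:mace:dir:attribute-def:eduPersonScopedAffiliation" encodeType="false" />
-        <resolver:AttributeEncoder xsi:type="enc:SAML2ScopedString" name="urn:oid:1.3.6.1.4.1.5923.1.1.1.9" friendlyName="eduPersonScopedAffiliation" encodeType="false" />
-    </resolver:AttributeDefinition>
-
-
-    <!-- ========================================== -->
-    <!--      Data Connectors                       -->
-    <!-- ========================================== -->
-
-    <resolver:DataConnector id="staticAttributes" xsi:type="dc:Static">
-        <dc:Attribute id="affiliation">
-            <dc:Value>member</dc:Value>
-        </dc:Attribute>
-    </resolver:DataConnector>
-
-</resolver:AttributeResolver>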

+ 0
- 103
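--- a/src/shibboleth-identity-provider-3.2.1/conf/audit.xml
+++ b/src/shibboleth-identity-provider-3.2.1/conf/audit.xml
@@ -1,103 +0,0 @@
-<?xml version="1.0" encoding="UTF-8"?>
-<beans xmlns="http://www.springframework.org/schema/beans"
-    xmlns:context="http://www.springframework.org/schema/context"
-    xmlns:util="http://www.springframework.org/schema/util" xmlns:p="http://www.springframework.org/schema/p"
-    xmlns:c="http://www.springframework.org/schema/c" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
-    xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans.xsd
-                        http://www.springframework.org/schema/context http://www.springframework.org/schema/context/spring-context.xsd
-                        http://www.springframework.org/schema/util http://www.springframework.org/schema/util/spring-util.xsd"
-
-    default-init-method="initialize"
-    default-destroy-method="destroy">
-
-    <!--
-    This bean defines a mapping between audit log categories and formatting strings. The default entry is
-    for compatibility with V2 audit logging.
-    -->
-    <util:map id="shibboleth.AuditFormattingMap">
-        <entry key="Shibboleth-Audit" value="%T|%b|%I|%SP|%P|%IDP|%bb|%III|%u|%ac|%attr|%n|%i|" />
-    </util:map>
-
-    <!-- Allows auditing to be disabled selectively for particular profiles/flows. -->
-    <util:list id="shibboleth.AuditSuppressedProfiles">
-        <value>http://shibboleth.net/ns/profiles/status</value>
-    </util:list>
-
-    <!--
-    The beans below need to be defined, even if left empty. They can be ignored in most cases.
-    
-    If you write your own function to extract a new piece of data for auditing, you can install it into one or more
-    of the maps below to add it to the auditing framework, keyed by an audit field label to be used in formatting.
-    -->
-
-    <bean id="shibboleth.PostDecodeAuditExtractors" parent="shibboleth.DefaultPostDecodeAuditExtractors" lazy-init="true">
-        <property name="sourceMap">
-            <map merge="true">
-            </map>
-        </property>
-    </bean>
-
-    <bean id="shibboleth.PostLookupAuditExtractors" parent="shibboleth.DefaultPostLookupAuditExtractors" lazy-init="true">
-        <property name="sourceMap">
-            <map merge="true">
-            </map>
-        </property>
-    </bean>
-
-    <bean id="shibboleth.PostAssertionAuditExtractors" parent="shibboleth.DefaultPostAssertionAuditExtractors" lazy-init="true">
-        <property name="sourceMap">
-            <map merge="true">
-            </map>
-        </property>
-    </bean>
-
-    <bean id="shibboleth.PostResponseAuditExtractors" parent="shibboleth.DefaultPostResponseAuditExtractors" lazy-init="true">
-        <property name="sourceMap">
-            <map merge="true">
-            </map>
-        </property>
-    </bean>
-
-    <bean id="shibboleth.LogoutRequestAuditExtractors" parent="shibboleth.DefaultLogoutRequestAuditExtractors" lazy-init="true">
-        <property name="sourceMap">
-            <map merge="true">
-            </map>
-        </property>
-    </bean>
-    
-    <bean id="shibboleth.LogoutAuditExtractors" parent="shibboleth.DefaultLogoutAuditExtractors" lazy-init="true">
-        <property name="sourceMap">
-            <map merge="true">
-            </map>
-        </property>
-    </bean>
-
-    <bean id="shibboleth.ErrorViewAuditExtractors" parent="shibboleth.DefaultErrorViewAuditExtractors" lazy-init="true">
-        <property name="sourceMap">
-            <map merge="true">
-            </map>
-        </property>
-    </bean>
-
-    <bean id="shibboleth.CASLoginAuditExtractors" parent="shibboleth.DefaultCASLoginAuditExtractors" lazy-init="true">
-        <property name="sourceMap">
-            <map merge="true">
-            </map>
-        </property>
-    </bean>
-
-    <bean id="shibboleth.CASValidationAuditExtractors" parent="shibboleth.DefaultCASValidationAuditExtractors" lazy-init="true">
-        <property name="sourceMap">
-            <map merge="true">
-            </map>
-        </property>
-    </bean>
-
-    <bean id="shibboleth.CASProxyAuditExtractors" parent="shibboleth.DefaultCASProxyAuditExtractors" lazy-init="true">
-        <property name="sourceMap">
-            <map merge="true">
-            </map>
-        </property>
-    </bean>
-    
-</beans>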

+ 0
- 53
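--- a/src/shibboleth-identity-provider-3.2.1/conf/cas-protocol.xml
+++ b/src/shibboleth-identity-provider-3.2.1/conf/cas-protocol.xml
@@ -1,53 +0,0 @@
-<?xml version="1.0" encoding="UTF-8"?>
-<beans xmlns="http://www.springframework.org/schema/beans"
-       xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
-       xmlns:c="http://www.springframework.org/schema/c"
-       xmlns:p="http://www.springframework.org/schema/p"
-       xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans.xsd
-                           http://www.springframework.org/schema/context http://www.springframework.org/schema/context/spring-context.xsd
-                           http://www.springframework.org/schema/util http://www.springframework.org/schema/util/spring-util.xsd"
-       default-init-method="initialize"
-       default-destroy-method="destroy">
-
-    <!--
-       | The CAS service registry defines verified relying parties by endpoint URI.
-       | The default implementation treats the ID of each entry as a regular expression defining a logical group of
-       | services whose URIs match the expression.
-       |
-       | This bean is reloaded periodically according to %{idp.home}/conf/services.properties.
-       -->
-    <bean id="reloadableServiceRegistry"
-          class="%{idp.cas.serviceRegistryClass:net.shibboleth.idp.cas.service.PatternServiceRegistry}">
-        <property name="definitions">
-            <list>
-                <!--
-                <bean class="net.shibboleth.idp.cas.service.ServiceDefinition"
-                      c:regex="https://([A-Za-z0-9_-]+\.)*example\.org(:\d+)?/.*"
-                      p:group="proxying-services"
-                      p:authorizedToProxy="true"
-                      p:singleLogoutParticipant="true" />
-                <bean class="net.shibboleth.idp.cas.service.ServiceDefinition"
-                      c:regex="http://([A-Za-z0-9_-]+\.)*example\.org(:\d+)?/.*"
-                      p:group="non-proxying-services"
-                      p:authorizedToProxy="false" /
-                -->
-            </list>
-        </property>
-    </bean>
-
-    <!--
-       | Advanced CAS configuration.
-       |
-       | Override default CAS components by creating aliases to custom components where the alias
-       | is the same as the default component bean ID.
-       -->
-    <!--
-    <bean id="cas.CustomTicketService"
-          class="org.example.idp.cas.CustomTicketService" />
-    <alias name="cas.CustomTicketService" alias="cas.TicketService" />
-
-    <bean id="cas.CustomProxyAuthenticator"
-          class="org.example.idp.cas.CustomProxyAuthenticator" />
-    <alias name="cas.CustomProxyAuthenticator" alias="cas.ProxyAuthenticator" />
-    -->
-</beans>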

+ 0
- 32
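--- a/src/shibboleth-identity-provider-3.2.1/dist/conf/access-control.xml.dist
+++ b/src/shibboleth-identity-provider-3.2.1/dist/conf/access-control.xml.dist
@@ -1,32 +0,0 @@
-<?xml version="1.0" encoding="UTF-8"?>
-<beans xmlns="http://www.springframework.org/schema/beans"
-       xmlns:context="http://www.springframework.org/schema/context"
-       xmlns:util="http://www.springframework.org/schema/util"
-       xmlns:p="http://www.springframework.org/schema/p"
-       xmlns:c="http://www.springframework.org/schema/c"
-       xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
-       xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans.xsd
-                           http://www.springframework.org/schema/context http://www.springframework.org/schema/context/spring-context.xsd
-                           http://www.springframework.org/schema/util http://www.springframework.org/schema/util/spring-util.xsd"
-                           
-       default-init-method="initialize"
-       default-destroy-method="destroy">
-
-    <!-- Map of access control policies used to limit access to administrative functions. -->
-
-    <!--
-    The only built-in implementation of the AccessControl interface is IP-based, as below.
-    The ranges provided MUST be CIDR network expressions. To specify a single address,
-    add "/32" or "/128" for IPv4 or IPv6 respectively.
-    -->
-
-    <util:map id="shibboleth.AccessControlPolicies">
-    
-        <entry key="AccessByIPAddress">
-            <bean parent="shibboleth.IPRangeAccessControl"
-                p:allowedRanges="#{ {'127.0.0.1/32', '::1/128'} }" />
-        </entry>
-    
-    </util:map>
-
-</beans>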

+ 0
- 295
src/shibboleth-identity-provider-3.2.1/dist/conf/attribute-resolver-full.xml.dist View File

@@ -1,295 +0,0 @@
1
-<?xml version="1.0" encoding="UTF-8"?>
2
-<!-- 
3
-    This file is an EXAMPLE configuration file containing lots of commented
4
-    example attributes, encoders, and a couple of example data connectors.
5
-    
6
-    Not all attribute definitions or data connectors are demonstrated, but
7
-    a variety of LDAP attributes, some common to Shibboleth deployments and
8
-    many not, are included.
9
-    
10
-    Deployers should refer to the Shibboleth 2 documentation for a complete
11
-    list of components  and their options.
12
--->
13
-<resolver:AttributeResolver
14
-        xmlns:resolver="urn:mace:shibboleth:2.0:resolver"
15
-        xmlns:pc="urn:mace:shibboleth:2.0:resolver:pc"
16
-        xmlns:ad="urn:mace:shibboleth:2.0:resolver:ad"
17
-        xmlns:dc="urn:mace:shibboleth:2.0:resolver:dc"
18
-        xmlns:enc="urn:mace:shibboleth:2.0:attribute:encoder"
19
-        xmlns:sec="urn:mace:shibboleth:2.0:security"
20
-        xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
21
-        xsi:schemaLocation="urn:mace:shibboleth:2.0:resolver http://shibboleth.net/schema/idp/shibboleth-attribute-resolver.xsd
22
-                            urn:mace:shibboleth:2.0:resolver:pc http://shibboleth.net/schema/idp/shibboleth-attribute-resolver-pc.xsd
23
-                            urn:mace:shibboleth:2.0:resolver:ad http://shibboleth.net/schema/idp/shibboleth-attribute-resolver-ad.xsd
24
-                            urn:mace:shibboleth:2.0:resolver:dc http://shibboleth.net/schema/idp/shibboleth-attribute-resolver-dc.xsd
25
-                            urn:mace:shibboleth:2.0:attribute:encoder http://shibboleth.net/schema/idp/shibboleth-attribute-encoder.xsd
26
-                            urn:mace:shibboleth:2.0:security http://shibboleth.net/schema/idp/shibboleth-security.xsd">
27
-
28
-    <!-- ========================================== -->
29
-    <!--      Attribute Definitions                 -->
30
-    <!-- ========================================== -->
31
-
32
-    <!-- Schema: Core schema attributes-->
33
-    <!--
34
-    <resolver:AttributeDefinition xsi:type="ad:Simple" id="uid" sourceAttributeID="uid">
35
-        <resolver:Dependency ref="myLDAP" />
36
-        <resolver:AttributeEncoder xsi:type="enc:SAML1String" name="urn:mace:dir:attribute-def:uid" encodeType="false" />
37
-        <resolver:AttributeEncoder xsi:type="enc:SAML2String" name="urn:oid:0.9.2342.19200300.100.1.1" friendlyName="uid" encodeType="false" />
38
-    </resolver:AttributeDefinition>
39
-
40
-    <resolver:AttributeDefinition xsi:type="ad:Simple" id="mail" sourceAttributeID="mail">
41
-        <resolver:Dependency ref="myLDAP" />
42
-        <resolver:AttributeEncoder xsi:type="enc:SAML1String" name="urn:mace:dir:attribute-def:mail" encodeType="false" />
43
-        <resolver:AttributeEncoder xsi:type="enc:SAML2String" name="urn:oid:0.9.2342.19200300.100.1.3" friendlyName="mail" encodeType="false" />
44
-    </resolver:AttributeDefinition>
45
-
46
-    <resolver:AttributeDefinition xsi:type="ad:Simple" id="homePhone" sourceAttributeID="homePhone">
47
-        <resolver:Dependency ref="myLDAP" />
48
-        <resolver:AttributeEncoder xsi:type="enc:SAML1String" name="urn:mace:dir:attribute-def:homePhone" encodeType="false" />
49
-        <resolver:AttributeEncoder xsi:type="enc:SAML2String" name="urn:oid:0.9.2342.19200300.100.1.20" friendlyName="homePhone" encodeType="false" />
50
-    </resolver:AttributeDefinition>
51
-
52
-    <resolver:AttributeDefinition xsi:type="ad:Simple" id="homePostalAddress" sourceAttributeID="homePostalAddress">
53
-        <resolver:Dependency ref="myLDAP" />
54
-        <resolver:AttributeEncoder xsi:type="enc:SAML1String" name="urn:mace:dir:attribute-def:homePostalAddress" encodeType="false" />
55
-        <resolver:AttributeEncoder xsi:type="enc:SAML2String" name="urn:oid:0.9.2342.19200300.100.1.39" friendlyName="homePostalAddress" encodeType="false" />
56
-    </resolver:AttributeDefinition>
57
-
58
-    <resolver:AttributeDefinition xsi:type="ad:Simple" id="mobileNumber" sourceAttributeID="mobile">
59
-        <resolver:Dependency ref="myLDAP" />
60
-        <resolver:AttributeEncoder xsi:type="enc:SAML1String" name="urn:mace:dir:attribute-def:mobile" encodeType="false" />
61
-        <resolver:AttributeEncoder xsi:type="enc:SAML2String" name="urn:oid:0.9.2342.19200300.100.1.41" friendlyName="mobile" encodeType="false" />
62
-    </resolver:AttributeDefinition>
63
-
64
-    <resolver:AttributeDefinition xsi:type="ad:Simple" id="pagerNumber" sourceAttributeID="pager">
65
-        <resolver:Dependency ref="myLDAP" />
66
-        <resolver:AttributeEncoder xsi:type="enc:SAML1String" name="urn:mace:dir:attribute-def:pager" encodeType="false" />
67
-        <resolver:AttributeEncoder xsi:type="enc:SAML2String" name="urn:oid:0.9.2342.19200300.100.1.42" friendlyName="pager" encodeType="false" />
68
-    </resolver:AttributeDefinition>
69
-
70
-    <resolver:AttributeDefinition xsi:type="ad:Simple" id="surname" sourceAttributeID="sn">
71
-        <resolver:Dependency ref="myLDAP" />
72
-        <resolver:AttributeEncoder xsi:type="enc:SAML1String" name="urn:mace:dir:attribute-def:sn" encodeType="false" />
73
-        <resolver:AttributeEncoder xsi:type="enc:SAML2String" name="urn:oid:2.5.4.4" friendlyName="sn" encodeType="false" />
74
-    </resolver:AttributeDefinition>
75
-
76
-    <resolver:AttributeDefinition xsi:type="ad:Simple" id="locality" sourceAttributeID="l">
77
-        <resolver:Dependency ref="myLDAP" />
78
-        <resolver:AttributeEncoder xsi:type="enc:SAML1String" name="urn:mace:dir:attribute-def:l" encodeType="false" />
79
-        <resolver:AttributeEncoder xsi:type="enc:SAML2String" name="urn:oid:2.5.4.7" friendlyName="l" encodeType="false" />
80
-    </resolver:AttributeDefinition>
81
-
82
-    <resolver:AttributeDefinition xsi:type="ad:Simple" id="stateProvince" sourceAttributeID="st">
83
-        <resolver:Dependency ref="myLDAP" />
84
-        <resolver:AttributeEncoder xsi:type="enc:SAML1String" name="urn:mace:dir:attribute-def:st" encodeType="false" />
85
-        <resolver:AttributeEncoder xsi:type="enc:SAML2String" name="urn:oid:2.5.4.8" friendlyName="st" encodeType="false" />
86
-    </resolver:AttributeDefinition>
87
-
88
-    <resolver:AttributeDefinition xsi:type="ad:Simple" id="street" sourceAttributeID="street">
89
-        <resolver:Dependency ref="myLDAP" />
90
-        <resolver:AttributeEncoder xsi:type="enc:SAML1String" name="urn:mace:dir:attribute-def:street" encodeType="false" />
91
-        <resolver:AttributeEncoder xsi:type="enc:SAML2String" name="urn:oid:2.5.4.9" friendlyName="street" encodeType="false" />
92
-    </resolver:AttributeDefinition>
93
-
94
-    <resolver:AttributeDefinition xsi:type="ad:Simple" id="organizationName" sourceAttributeID="o">
95
-        <resolver:Dependency ref="myLDAP" />
96
-        <resolver:AttributeEncoder xsi:type="enc:SAML1String" name="urn:mace:dir:attribute-def:o" encodeType="false" />
97
-        <resolver:AttributeEncoder xsi:type="enc:SAML2String" name="urn:oid:2.5.4.10" friendlyName="o" encodeType="false" />
98
-    </resolver:AttributeDefinition>
99
-
100
-    <resolver:AttributeDefinition xsi:type="ad:Simple" id="organizationalUnit" sourceAttributeID="ou">
101
-        <resolver:Dependency ref="myLDAP" />
102
-        <resolver:AttributeEncoder xsi:type="enc:SAML1String" name="urn:mace:dir:attribute-def:ou" encodeType="false" />
103
-        <resolver:AttributeEncoder xsi:type="enc:SAML2String" name="urn:oid:2.5.4.11" friendlyName="ou" encodeType="false" />
104
-    </resolver:AttributeDefinition>
105
-
106
-    <resolver:AttributeDefinition xsi:type="ad:Simple" id="title" sourceAttributeID="title">
107
-        <resolver:Dependency ref="myLDAP" />
108
-        <resolver:AttributeEncoder xsi:type="enc:SAML1String" name="urn:mace:dir:attribute-def:title" encodeType="false" />
109
-        <resolver:AttributeEncoder xsi:type="enc:SAML2String" name="urn:oid:2.5.4.12" friendlyName="title" encodeType="false" />
110
-    </resolver:AttributeDefinition>
111
-
112
-    <resolver:AttributeDefinition xsi:type="ad:Simple" id="postalAddress" sourceAttributeID="postalAddress">
113
-        <resolver:Dependency ref="myLDAP" />
114
-        <resolver:AttributeEncoder xsi:type="enc:SAML1String" name="urn:mace:dir:attribute-def:postalAddress" encodeType="false" />
115
-        <resolver:AttributeEncoder xsi:type="enc:SAML2String" name="urn:oid:2.5.4.16" friendlyName="postalAddress" encodeType="false" />
116
-    </resolver:AttributeDefinition>
117
-
118
-    <resolver:AttributeDefinition xsi:type="ad:Simple" id="postalCode" sourceAttributeID="postalCode">
119
-        <resolver:Dependency ref="myLDAP" />
120
-        <resolver:AttributeEncoder xsi:type="enc:SAML1String" name="urn:mace:dir:attribute-def:postalCode" encodeType="false" />
121
-        <resolver:AttributeEncoder xsi:type="enc:SAML2String" name="urn:oid:2.5.4.17" friendlyName="postalCode" encodeType="false" />
122
-    </resolver:AttributeDefinition>
123
-
124
-    <resolver:AttributeDefinition xsi:type="ad:Simple" id="postOfficeBox" sourceAttributeID="postOfficeBox">
125
-        <resolver:Dependency ref="myLDAP" />
126
-        <resolver:AttributeEncoder xsi:type="enc:SAML1String" name="urn:mace:dir:attribute-def:postOfficeBox" encodeType="false" />
127
-        <resolver:AttributeEncoder xsi:type="enc:SAML2String" name="urn:oid:2.5.4.18" friendlyName="postOfficeBox" encodeType="false" />
128
-    </resolver:AttributeDefinition>
129
-
130
-    <resolver:AttributeDefinition xsi:type="ad:Simple" id="telephoneNumber" sourceAttributeID="telephoneNumber">
131
-        <resolver:Dependency ref="myLDAP" />
132
-        <resolver:AttributeEncoder xsi:type="enc:SAML1String" name="urn:mace:dir:attribute-def:telephoneNumber" encodeType="false" />
133
-        <resolver:AttributeEncoder xsi:type="enc:SAML2String" name="urn:oid:2.5.4.20" friendlyName="telephoneNumber" encodeType="false" />
134
-    </resolver:AttributeDefinition>
135
-
136
-    <resolver:AttributeDefinition xsi:type="ad:Simple" id="givenName" sourceAttributeID="givenName">
137
-        <resolver:Dependency ref="myLDAP" />
138
-        <resolver:AttributeEncoder xsi:type="enc:SAML1String" name="urn:mace:dir:attribute-def:givenName" encodeType="false" />
139
-        <resolver:AttributeEncoder xsi:type="enc:SAML2String" name="urn:oid:2.5.4.42" friendlyName="givenName" encodeType="false" />
140
-    </resolver:AttributeDefinition>
141
-
142
-    <resolver:AttributeDefinition xsi:type="ad:Simple" id="initials" sourceAttributeID="initials">
143
-        <resolver:Dependency ref="myLDAP" />
144
-        <resolver:AttributeEncoder xsi:type="enc:SAML1String" name="urn:mace:dir:attribute-def:initials" encodeType="false" />
145
-        <resolver:AttributeEncoder xsi:type="enc:SAML2String" name="urn:oid:2.5.4.43" friendlyName="initials" encodeType="false" />
146
-    </resolver:AttributeDefinition>
147
-     -->
148
-
149
-    <!-- Schema: inetOrgPerson attributes-->
150
-    <!--
151
-    <resolver:AttributeDefinition xsi:type="ad:Simple" id="departmentNumber" sourceAttributeID="departmentNumber">
152
-        <resolver:Dependency ref="myLDAP" />
153
-        <resolver:AttributeEncoder xsi:type="enc:SAML1String" name="urn:mace:dir:attribute-def:departmentNumber" encodeType="false" />
154
-        <resolver:AttributeEncoder xsi:type="enc:SAML2String" name="urn:oid:2.16.840.1.113730.3.1.2" friendlyName="departmentNumber" encodeType="false" />
155
-    </resolver:AttributeDefinition>
156
-    
157
-    <resolver:AttributeDefinition xsi:type="ad:Simple" id="displayName" sourceAttributeID="displayName">
158
-        <resolver:Dependency ref="myLDAP" />
159
-        <resolver:AttributeEncoder xsi:type="enc:SAML1String" name="urn:mace:dir:attribute-def:displayName" encodeType="false" />
160
-        <resolver:AttributeEncoder xsi:type="enc:SAML2String" name="urn:oid:2.16.840.1.113730.3.1.241" friendlyName="displayName" encodeType="false" />
161
-    </resolver:AttributeDefinition> 
162
-
163
-    <resolver:AttributeDefinition xsi:type="ad:Simple" id="employeeNumber" sourceAttributeID="employeeNumber">
164
-        <resolver:Dependency ref="myLDAP" />
165
-        <resolver:AttributeEncoder xsi:type="enc:SAML1String" name="urn:mace:dir:attribute-def:employeeNumber" encodeType="false" />
166
-        <resolver:AttributeEncoder xsi:type="enc:SAML2String" name="urn:oid:2.16.840.1.113730.3.1.3" friendlyName="employeeNumber" encodeType="false" />
167
-    </resolver:AttributeDefinition>
168
-
169
-    <resolver:AttributeDefinition xsi:type="ad:Simple" id="employeeType" sourceAttributeID="employeeType">
170
-        <resolver:Dependency ref="myLDAP" />
171
-        <resolver:AttributeEncoder xsi:type="enc:SAML1String" name="urn:mace:dir:attribute-def:employeeType" encodeType="false" />
172
-        <resolver:AttributeEncoder xsi:type="enc:SAML2String" name="urn:oid:2.16.840.1.113730.3.1.4" friendlyName="employeeType" encodeType="false" />
173
-    </resolver:AttributeDefinition>
174
-
175
-    <resolver:AttributeDefinition xsi:type="ad:Simple" id="jpegPhoto" sourceAttributeID="jpegPhoto">
176
-        <resolver:Dependency ref="myLDAP" />
177
-        <resolver:AttributeEncoder xsi:type="enc:SAML1String" name="urn:mace:dir:attribute-def:jpegPhoto" encodeType="false" />
178
-        <resolver:AttributeEncoder xsi:type="enc:SAML2String" name="urn:oid:0.9.2342.19200300.100.1.60" friendlyName="jpegPhoto" encodeType="false" />
179
-    </resolver:AttributeDefinition>
180
-
181
-    <resolver:AttributeDefinition xsi:type="ad:Simple" id="preferredLanguage" sourceAttributeID="preferredLanguage">
182
-        <resolver:Dependency ref="myLDAP" />
183
-        <resolver:AttributeEncoder xsi:type="enc:SAML1String" name="urn:mace:dir:attribute-def:preferredLanguage" encodeType="false" />
184
-        <resolver:AttributeEncoder xsi:type="enc:SAML2String" name="urn:oid:2.16.840.1.113730.3.1.39" friendlyName="preferredLanguage" encodeType="false" />
185
-    </resolver:AttributeDefinition>
186
-    -->
187
-
188
-    <!-- Schema: eduPerson attributes -->
189
-    <!--
190
-    <resolver:AttributeDefinition xsi:type="ad:Simple" id="eduPersonAffiliation" sourceAttributeID="eduPersonAffiliation">
191
-        <resolver:Dependency ref="myLDAP" />
192
-        <resolver:AttributeEncoder xsi:type="enc:SAML1String" name="urn:mace:dir:attribute-def:eduPersonAffiliation" encodeType="false" />
193
-        <resolver:AttributeEncoder xsi:type="enc:SAML2String" name="urn:oid:1.3.6.1.4.1.5923.1.1.1.1" friendlyName="eduPersonAffiliation" encodeType="false" />
194
-    </resolver:AttributeDefinition>
195
-
196
-    <resolver:AttributeDefinition xsi:type="ad:Simple" id="eduPersonEntitlement" sourceAttributeID="eduPersonEntitlement">
197
-        <resolver:Dependency ref="myLDAP" />
198
-        <resolver:AttributeEncoder xsi:type="enc:SAML1String" name="urn:mace:dir:attribute-def:eduPersonEntitlement" encodeType="false" />
199
-        <resolver:AttributeEncoder xsi:type="enc:SAML2String" name="urn:oid:1.3.6.1.4.1.5923.1.1.1.7" friendlyName="eduPersonEntitlement" encodeType="false" />
200
-    </resolver:AttributeDefinition>
201
-
202
-    <resolver:AttributeDefinition xsi:type="ad:Simple" id="eduPersonNickname" sourceAttributeID="eduPersonNickname">
203
-        <resolver:Dependency ref="myLDAP" />
204
-        <resolver:AttributeEncoder xsi:type="enc:SAML1String" name="urn:mace:dir:attribute-def:eduPersonNickname" encodeType="false" />
205
-        <resolver:AttributeEncoder xsi:type="enc:SAML2String" name="urn:oid:1.3.6.1.4.1.5923.1.1.1.2" friendlyName="eduPersonNickname" encodeType="false" />
206
-    </resolver:AttributeDefinition>
207
-
208
-    <resolver:AttributeDefinition xsi:type="ad:Simple" id="eduPersonPrimaryAffiliation" sourceAttributeID="eduPersonPrimaryAffiliation">
209
-        <resolver:Dependency ref="myLDAP" />
210
-        <resolver:AttributeEncoder xsi:type="enc:SAML1String" name="urn:mace:dir:attribute-def:eduPersonPrimaryAffiliation" encodeType="false" />
211
-        <resolver:AttributeEncoder xsi:type="enc:SAML2String" name="urn:oid:1.3.6.1.4.1.5923.1.1.1.5" friendlyName="eduPersonPrimaryAffiliation" encodeType="false" />
212
-    </resolver:AttributeDefinition>
213
-
214
-    <resolver:AttributeDefinition xsi:type="ad:Scoped" id="eduPersonUniqueId" scope="%{idp.scope}" sourceAttributeID="localUniqueId">
215
-        <resolver:Dependency ref="myLDAP" />
216
-        <resolver:AttributeEncoder xsi:type="enc:SAML1ScopedString" name="urn:oid:1.3.6.1.4.1.5923.1.1.1.13" encodeType="false" />
217
-        <resolver:AttributeEncoder xsi:type="enc:SAML2ScopedString" name="urn:oid:1.3.6.1.4.1.5923.1.1.1.13" friendlyName="eduPersonUniqueId" encodeType="false" />
218
-    </resolver:AttributeDefinition>
219
-
220
-    <resolver:AttributeDefinition xsi:type="ad:Prescoped" id="eduPersonPrincipalName" sourceAttributeID="eduPersonPrincipalName">
221
-        <resolver:Dependency ref="myLDAP" />
222
-        <resolver:AttributeEncoder xsi:type="enc:SAML1ScopedString" name="urn:mace:dir:attribute-def:eduPersonPrincipalName" encodeType="false" />
223
-        <resolver:AttributeEncoder xsi:type="enc:SAML2ScopedString" name="urn:oid:1.3.6.1.4.1.5923.1.1.1.6" friendlyName="eduPersonPrincipalName" encodeType="false" />
224
-    </resolver:AttributeDefinition>
225
-
226
-    <resolver:AttributeDefinition xsi:type="ad:Prescoped" id="eduPersonPrincipalNamePrior" sourceAttributeID="eduPersonPrincipalNamePrior">
227
-        <resolver:Dependency ref="myLDAP" />
228
-        <resolver:AttributeEncoder xsi:type="enc:SAML1ScopedString" name="urn:oid:1.3.6.1.4.1.5923.1.1.1.12" encodeType="false" />
229
-        <resolver:AttributeEncoder xsi:type="enc:SAML2ScopedString" name="urn:oid:1.3.6.1.4.1.5923.1.1.1.12" friendlyName="eduPersonPrincipalNamePrior" encodeType="false" />
230
-    </resolver:AttributeDefinition>
231
-
232
-    <resolver:AttributeDefinition xsi:type="ad:Scoped" id="eduPersonScopedAffiliation" scope="%{idp.scope}" sourceAttributeID="eduPersonAffiliation">
233
-        <resolver:Dependency ref="myLDAP" />
234
-        <resolver:AttributeEncoder xsi:type="enc:SAML1ScopedString" name="urn:mace:dir:attribute-def:eduPersonScopedAffiliation" encodeType="false" />
235
-        <resolver:AttributeEncoder xsi:type="enc:SAML2ScopedString" name="urn:oid:1.3.6.1.4.1.5923.1.1.1.9" friendlyName="eduPersonScopedAffiliation" encodeType="false" />
236
-    </resolver:AttributeDefinition>
237
-    
238
-    <resolver:AttributeDefinition xsi:type="ad:Simple" id="eduPersonAssurance" sourceAttributeID="eduPersonAssurance">
239
-        <resolver:Dependency ref="myLDAP" />
240
-        <resolver:AttributeEncoder xsi:type="enc:SAML1String" name="urn:mace:dir:attribute-def:eduPersonAssurance" encodeType="false" />
241
-        <resolver:AttributeEncoder xsi:type="enc:SAML2String" name="urn:oid:1.3.6.1.4.1.5923.1.1.1.11" friendlyName="eduPersonAssurance" encodeType="false" />
242
-    </resolver:AttributeDefinition>
243
-    -->
244
-
245
-    <!-- ========================================== -->
246
-    <!--      Data Connectors                       -->
247
-    <!-- ========================================== -->
248
-
249
-    <!-- Example Static Connector -->
250
-    <!--
251
-    <resolver:DataConnector id="staticAttributes" xsi:type="dc:Static">
252
-        <dc:Attribute id="eduPersonAffiliation">
253
-            <dc:Value>member</dc:Value>
254
-        </dc:Attribute>
255
-    </resolver:DataConnector>
256
-    -->
257
-
258
-    <!-- Example Relational Database Connector -->
259
-    <!--
260
-    <resolver:DataConnector id="mySIS" xsi:type="dc:RelationalDatabase">
261
-        <dc:ApplicationManagedConnection jdbcDriver="oracle.jdbc.driver.OracleDriver"
262
-                                         jdbcURL="jdbc:oracle:thin:@db.example.org:1521:SomeDB" 
263
-                                         jdbcUserName="myid" 
264
-                                         jdbcPassword="mypassword" />
265
-        <dc:QueryTemplate>
266
-            <![CDATA[
267
-                SELECT * FROM student WHERE gzbtpid = '$resolutionContext.principal'
268
-            ]]>
269
-        </dc:QueryTemplate>
270
-
271
-        <dc:Column columnName="gzbtpid" attributeID="uid" />
272
-        <dc:Column columnName="fqlft" attributeID="gpa" />
273
-    </resolver:DataConnector>
274
-     -->
275
-
276
-    <!-- Example LDAP Connector -->
277
-    <!--
278
-    <resolver:DataConnector id="myLDAP" xsi:type="dc:LDAPDirectory"
279
-        ldapURL="%{idp.attribute.resolver.LDAP.ldapURL}"
280
-        baseDN="%{idp.attribute.resolver.LDAP.baseDN}" 
281
-        principal="%{idp.attribute.resolver.LDAP.bindDN}"
282
-        principalCredential="%{idp.attribute.resolver.LDAP.bindDNCredential}"
283
-        useStartTLS="%{idp.attribute.resolver.LDAP.useStartTLS:true}">
284
-        <dc:FilterTemplate>
285
-            <![CDATA[
286
-                %{idp.attribute.resolver.LDAP.searchFilter}
287
-            ]]>
288
-        </dc:FilterTemplate>
289
-        <dc:StartTLSTrustCredential id="LDAPtoIdPCredential" xsi:type="sec:X509ResourceBacked">
290
-            <sec:Certificate>%{idp.attribute.resolver.LDAP.trustCertificates}</sec:Certificate>
291
-        </dc:StartTLSTrustCredential>
292
-    </resolver:DataConnector>
293
-    -->
294
-
295
-</resolver:AttributeResolver>

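--- a/src/shibboleth-identity-provider-3.2.1/dist/conf/attribute-resolver-ldap.xml.dist
+++ b/src/shibboleth-identity-provider-3.2.1/dist/conf/attribute-resolver-ldap.xml.dist
@@ -1,97 +0,0 @@
-<?xml version="1.0" encoding="UTF-8"?>
-<!-- 
-    This file is an EXAMPLE configuration file. While the configuration
-    presented in this example file is semi-functional, it isn't very
-    interesting. It is here only as a starting point for your deployment
-    process.
-    
-    Very few attribute definitions and data connectors are demonstrated,
-    and use of LDAP is assumed, with the LDAP configuration primarily
-    supplied from the ldap.properties file.
-
-    Attribute-resolver-full.xml contains more examples of attributes,
-    encoders, and data connectors. Deployers should refer to the Shibboleth
-    documentation for a complete list of components and their options.
--->
-<resolver:AttributeResolver
-        xmlns:resolver="urn:mace:shibboleth:2.0:resolver" 
-        xmlns:pc="urn:mace:shibboleth:2.0:resolver:pc"
-        xmlns:ad="urn:mace:shibboleth:2.0:resolver:ad" 
-        xmlns:dc="urn:mace:shibboleth:2.0:resolver:dc"
-        xmlns:enc="urn:mace:shibboleth:2.0:attribute:encoder" 
-        xmlns:sec="urn:mace:shibboleth:2.0:security"
-        xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" 
-        xsi:schemaLocation="urn:mace:shibboleth:2.0:resolver http://shibboleth.net/schema/idp/shibboleth-attribute-resolver.xsd
-                            urn:mace:shibboleth:2.0:resolver:pc http://shibboleth.net/schema/idp/shibboleth-attribute-resolver-pc.xsd
-                            urn:mace:shibboleth:2.0:resolver:ad http://shibboleth.net/schema/idp/shibboleth-attribute-resolver-ad.xsd
-                            urn:mace:shibboleth:2.0:resolver:dc http://shibboleth.net/schema/idp/shibboleth-attribute-resolver-dc.xsd
-                            urn:mace:shibboleth:2.0:attribute:encoder http://shibboleth.net/schema/idp/shibboleth-attribute-encoder.xsd
-                            urn:mace:shibboleth:2.0:security http://shibboleth.net/schema/idp/shibboleth-security.xsd">
-
-    <!-- ========================================== -->
-    <!--      Attribute Definitions                 -->
-    <!-- ========================================== -->
-
-    <!--
-    The EPPN is the "standard" federated username in higher ed.
-    For guidelines on the implementation of this attribute, refer
-    to the Shibboleth and eduPerson documentation. Above all, do
-    not expose a value for this attribute without considering the
-    long term implications. 
-    -->
-    <resolver:AttributeDefinition id="eduPersonPrincipalName" xsi:type="ad:Prescoped" sourceAttributeID="eduPersonPrincipalName">
-        <resolver:Dependency ref="myLDAP" />
-        <resolver:AttributeEncoder xsi:type="enc:SAML1ScopedString" name="urn:mace:dir:attribute-def:eduPersonPrincipalName" encodeType="false" />
-        <resolver:AttributeEncoder xsi:type="enc:SAML2ScopedString" name="urn:oid:1.3.6.1.4.1.5923.1.1.1.6" friendlyName="eduPersonPrincipalName" encodeType="false" />
-    </resolver:AttributeDefinition>
-
-    <!--
-    The uid is the closest thing to a "standard" LDAP attribute
-    representing a local username, but you should generally *never*
-    expose uid to federated services, as it is rarely globally unique.
-    -->
-    <resolver:AttributeDefinition id="uid" xsi:type="ad:Simple" sourceAttributeID="uid">
-        <resolver:Dependency ref="myLDAP" />
-        <resolver:AttributeEncoder xsi:type="enc:SAML1String" name="urn:mace:dir:attribute-def:uid" encodeType="false" />
-        <resolver:AttributeEncoder xsi:type="enc:SAML2String" name="urn:oid:0.9.2342.19200300.100.1.1" friendlyName="uid" encodeType="false" />
-    </resolver:AttributeDefinition>
-
-    <!--
-    In the rest of the world, the email address is the standard identifier,
-    despite the problems with that practice. Consider making the EPPN value
-    the same as your official email addresses whenever possible.
-    -->
-    <resolver:AttributeDefinition id="mail" xsi:type="ad:Simple" sourceAttributeID="mail">
-        <resolver:Dependency ref="myLDAP" />
-        <resolver:AttributeEncoder xsi:type="enc:SAML1String" name="urn:mace:dir:attribute-def:mail" encodeType="false" />
-        <resolver:AttributeEncoder xsi:type="enc:SAML2String" name="urn:oid:0.9.2342.19200300.100.1.3" friendlyName="mail" encodeType="false" />
-    </resolver:AttributeDefinition>
-        
-    <!-- ========================================== -->
-    <!--      Data Connectors                       -->
-    <!-- ========================================== -->
-    
-    <!--
-    Example LDAP Connector
-    
-    The connectivity details can be specified in ldap.properties to
-    share them with your authentication settings if desired.
-    -->
-    <resolver:DataConnector id="myLDAP" xsi:type="dc:LDAPDirectory"
-        ldapURL="%{idp.attribute.resolver.LDAP.ldapURL}"
-        baseDN="%{idp.attribute.resolver.LDAP.baseDN}" 
-        principal="%{idp.attribute.resolver.LDAP.bindDN}"
-        principalCredential="%{idp.attribute.resolver.LDAP.bindDNCredential}"
-        useStartTLS="%{idp.attribute.resolver.LDAP.useStartTLS:true}">
-        <dc:FilterTemplate>
-            <![CDATA[
-                %{idp.attribute.resolver.LDAP.searchFilter}
-            ]]>
-        </dc:FilterTemplate>
-        <dc:ReturnAttributes>%{idp.attribute.resolver.LDAP.returnAttributes}</dc:ReturnAttributes>
-        <dc:StartTLSTrustCredential id="LDAPtoIdPCredential" xsi:type="sec:X509ResourceBacked">
-            <sec:Certificate>%{idp.attribute.resolver.LDAP.trustCertificates}</sec:Certificate>
-        </dc:StartTLSTrustCredential>
-    </resolver:DataConnector>
-
-</resolver:AttributeResolver>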

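--- a/src/shibboleth-identity-provider-3.2.1/dist/conf/attribute-resolver.xml.dist
+++ b/src/shibboleth-identity-provider-3.2.1/dist/conf/attribute-resolver.xml.dist
@@ -1,95 +0,0 @@
-<?xml version="1.0" encoding="UTF-8"?>
-<!-- 
-    This file is an EXAMPLE configuration file. While the configuration
-    presented in this example file is semi-functional, it isn't very
-    interesting. It is here only as a starting point for your deployment
-    process.
-    
-    Very few attribute definitions and data connectors are demonstrated,
-    and the data is derived statically from the logged-in username and a
-    static example connector.
-
-    Attribute-resolver-full.xml contains more examples of attributes,
-    encoders, and data connectors. Deployers should refer to the Shibboleth
-    documentation for a complete list of components and their options.
--->
-<resolver:AttributeResolver
-        xmlns:resolver="urn:mace:shibboleth:2.0:resolver" 
-        xmlns:pc="urn:mace:shibboleth:2.0:resolver:pc"
-        xmlns:ad="urn:mace:shibboleth:2.0:resolver:ad" 
-        xmlns:dc="urn:mace:shibboleth:2.0:resolver:dc"
-        xmlns:enc="urn:mace:shibboleth:2.0:attribute:encoder" 
-        xmlns:sec="urn:mace:shibboleth:2.0:security"
-        xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" 
-        xsi:schemaLocation="urn:mace:shibboleth:2.0:resolver http://shibboleth.net/schema/idp/shibboleth-attribute-resolver.xsd
-                            urn:mace:shibboleth:2.0:resolver:pc http://shibboleth.net/schema/idp/shibboleth-attribute-resolver-pc.xsd
-                            urn:mace:shibboleth:2.0:resolver:ad http://shibboleth.net/schema/idp/shibboleth-attribute-resolver-ad.xsd
-                            urn:mace:shibboleth:2.0:resolver:dc http://shibboleth.net/schema/idp/shibboleth-attribute-resolver-dc.xsd
-                            urn:mace:shibboleth:2.0:attribute:encoder http://shibboleth.net/schema/idp/shibboleth-attribute-encoder.xsd
-                            urn:mace:shibboleth:2.0:security http://shibboleth.net/schema/idp/shibboleth-security.xsd">
-
-    <!-- ========================================== -->
-    <!--      Attribute Definitions                 -->
-    <!-- ========================================== -->
-
-    <!--
-    The EPPN is the "standard" federated username in higher ed.
-    For guidelines on the implementation of this attribute, refer
-    to the Shibboleth and eduPerson documentation. Above all, do
-    not expose a value for this attribute without considering the
-    long term implications. 
-    -->
-    <resolver:AttributeDefinition id="eduPersonPrincipalName" xsi:type="ad:Scoped" scope="%{idp.scope}" sourceAttributeID="uid">
-        <resolver:Dependency ref="uid" />
-        <resolver:AttributeEncoder xsi:type="enc:SAML1ScopedString" name="urn:mace:dir:attribute-def:eduPersonPrincipalName" encodeType="false" />
-        <resolver:AttributeEncoder xsi:type="enc:SAML2ScopedString" name="urn:oid:1.3.6.1.4.1.5923.1.1.1.6" friendlyName="eduPersonPrincipalName" encodeType="false" />
-    </resolver:AttributeDefinition>
-
-    <!--
-    The uid is the closest thing to a "standard" LDAP attribute
-    representing a local username, but you should generally *never*
-    expose uid to federated services, as it is rarely globally unique.
-    -->
-    <resolver:AttributeDefinition id="uid" xsi:type="ad:PrincipalName">
-        <resolver:AttributeEncoder xsi:type="enc:SAML1String" name="urn:mace:dir:attribute-def:uid" encodeType="false" />
-        <resolver:AttributeEncoder xsi:type="enc:SAML2String" name="urn:oid:0.9.2342.19200300.100.1.1" friendlyName="uid" encodeType="false" />
-    </resolver:AttributeDefinition>
-
-    <!--
-    In the rest of the world, the email address is the standard identifier,
-    despite the problems with that practice. Consider making the EPPN
-    value the same as your official email addresses whenever possible.
-    -->
-    <resolver:AttributeDefinition id="mail" xsi:type="ad:Template">
-        <resolver:Dependency ref="uid" />
-        <resolver:AttributeEncoder xsi:type="enc:SAML1String" name="urn:mace:dir:attribute-def:mail" encodeType="false" />
-        <resolver:AttributeEncoder xsi:type="enc:SAML2String" name="urn:oid:0.9.2342.19200300.100.1.3" friendlyName="mail" encodeType="false" />
-        <ad:Template>
-          <![CDATA[
-               ${uid}@example.org
-          ]]>
-        </ad:Template>
-        <ad:SourceAttribute>uid</ad:SourceAttribute>
-    </resolver:AttributeDefinition>
-
-    <!--
-    This is an example of an attribute sourced from a data connector.
-    -->
-    <resolver:AttributeDefinition id="eduPersonScopedAffiliation" xsi:type="ad:Scoped" scope="%{idp.scope}" sourceAttributeID="affiliation">
-        <resolver:Dependency ref="staticAttributes" />
-        <resolver:AttributeEncoder xsi:type="enc:SAML1ScopedString" name="urn:mace:dir:attribute-def:eduPersonScopedAffiliation" encodeType="false" />
-        <resolver:AttributeEncoder xsi:type="enc:SAML2ScopedString" name="urn:oid:1.3.6.1.4.1.5923.1.1.1.9" friendlyName="eduPersonScopedAffiliation" encodeType="false" />
-    </resolver:AttributeDefinition>
-
-
-    <!-- ========================================== -->
-    <!--      Data Connectors                       -->
-    <!-- ========================================== -->
-
-    <resolver:DataConnector id="staticAttributes" xsi:type="dc:Static">
-        <dc:Attribute id="affiliation">
-            <dc:Value>member</dc:Value>
-        </dc:Attribute>
-    </resolver:DataConnector>
-
-</resolver:AttributeResolver>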

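--- a/src/shibboleth-identity-provider-3.2.1/dist/conf/audit.xml.dist
+++ b/src/shibboleth-identity-provider-3.2.1/dist/conf/audit.xml.dist
@@ -1,103 +0,0 @@
-<?xml version="1.0" encoding="UTF-8"?>
-<beans xmlns="http://www.springframework.org/schema/beans"
-    xmlns:context="http://www.springframework.org/schema/context"
-    xmlns:util="http://www.springframework.org/schema/util" xmlns:p="http://www.springframework.org/schema/p"
-    xmlns:c="http://www.springframework.org/schema/c" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
-    xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans.xsd
-                        http://www.springframework.org/schema/context http://www.springframework.org/schema/context/spring-context.xsd
-                        http://www.springframework.org/schema/util http://www.springframework.org/schema/util/spring-util.xsd"
-
-    default-init-method="initialize"
-    default-destroy-method="destroy">
-
-    <!--
-    This bean defines a mapping between audit log categories and formatting strings. The default entry is
-    for compatibility with V2 audit logging.
-    -->
-    <util:map id="shibboleth.AuditFormattingMap">
-        <entry key="Shibboleth-Audit" value="%T|%b|%I|%SP|%P|%IDP|%bb|%III|%u|%ac|%attr|%n|%i|" />
-    </util:map>
-
-    <!-- Allows auditing to be disabled selectively for particular profiles/flows. -->
-    <util:list id="shibboleth.AuditSuppressedProfiles">
-        <value>http://shibboleth.net/ns/profiles/status</value>
-    </util:list>
-
-    <!--
-    The beans below need to be defined, even if left empty. They can be ignored in most cases.
-    
-    If you write your own function to extract a new piece of data for auditing, you can install it into one or more
-    of the maps below to add it to the auditing framework, keyed by an audit field label to be used in formatting.
-    -->
-
-    <bean id="shibboleth.PostDecodeAuditExtractors" parent="shibboleth.DefaultPostDecodeAuditExtractors" lazy-init="true">
-        <property name="sourceMap">
-            <map merge="true">
-            </map>
-        </property>
-    </bean>
-
-    <bean id="shibboleth.PostLookupAuditExtractors" parent="shibboleth.DefaultPostLookupAuditExtractors" lazy-init="true">
-        <property name="sourceMap">
-            <map merge="true">
-            </map>
-        </property>
-    </bean>
-
-    <bean id="shibboleth.PostAssertionAuditExtractors" parent="shibboleth.DefaultPostAssertionAuditExtractors" lazy-init="true">
-        <property name="sourceMap">
-            <map merge="true">
-            </map>
-        </property>
-    </bean>
-
-    <bean id="shibboleth.PostResponseAuditExtractors" parent="shibboleth.DefaultPostResponseAuditExtractors" lazy-init="true">
-        <property name="sourceMap">
-            <map merge="true">
-            </map>
-        </property>
-    </bean>
-
-    <bean id="shibboleth.LogoutRequestAuditExtractors" parent="shibboleth.DefaultLogoutRequestAuditExtractors" lazy-init="true">
-        <property name="sourceMap">
-            <map merge="true">
-            </map>
-        </property>
-    </bean>
-    
-    <bean id="shibboleth.LogoutAuditExtractors" parent="shibboleth.DefaultLogoutAuditExtractors" lazy-init="true">
-        <property name="sourceMap">
-            <map merge="true">
-            </map>
-        </property>
-    </bean>
-
-    <bean id="shibboleth.ErrorViewAuditExtractors" parent="shibboleth.DefaultErrorViewAuditExtractors" lazy-init="true">
-        <property name="sourceMap">
-            <map merge="true">
-            </map>
-        </property>
-    </bean>
-
-    <bean id="shibboleth.CASLoginAuditExtractors" parent="shibboleth.DefaultCASLoginAuditExtractors" lazy-init="true">
-        <property name="sourceMap">
-            <map merge="true">
-            </map>
-        </property>
-    </bean>
-
-    <bean id="shibboleth.CASValidationAuditExtractors" parent="shibboleth.DefaultCASValidationAuditExtractors" lazy-init="true">
-        <property name="sourceMap">
-            <map merge="true">
-            </map>
-        </property>
-    </bean>
-
-    <bean id="shibboleth.CASProxyAuditExtractors" parent="shibboleth.DefaultCASProxyAuditExtractors" lazy-init="true">
-        <property name="sourceMap">
-            <map merge="true">
-            </map>
-        </property>
-    </bean>
-    
-</beans>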

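--- a/src/shibboleth-identity-provider-3.2.1/dist/conf/cas-protocol.xml.dist
+++ b/src/shibboleth-identity-provider-3.2.1/dist/conf/cas-protocol.xml.dist
@@ -1,53 +0,0 @@
-<?xml version="1.0" encoding="UTF-8"?>
-<beans xmlns="http://www.springframework.org/schema/beans"
-       xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
-       xmlns:c="http://www.springframework.org/schema/c"
-       xmlns:p="http://www.springframework.org/schema/p"
-       xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans.xsd
-                           http://www.springframework.org/schema/context http://www.springframework.org/schema/context/spring-context.xsd
-                           http://www.springframework.org/schema/util http://www.springframework.org/schema/util/spring-util.xsd"
-       default-init-method="initialize"
-       default-destroy-method="destroy">
-
-    <!--
-       | The CAS service registry defines verified relying parties by endpoint URI.
-       | The default implementation treats the ID of each entry as a regular expression defining a logical group of
-       | services whose URIs match the expression.
-       |
-       | This bean is reloaded periodically according to %{idp.home}/conf/services.properties.
-       -->
-    <bean id="reloadableServiceRegistry"
-          class="%{idp.cas.serviceRegistryClass:net.shibboleth.idp.cas.service.PatternServiceRegistry}">
-        <property name="definitions">
-            <list>
-                <!--
-                <bean class="net.shibboleth.idp.cas.service.ServiceDefinition"
-                      c:regex="https://([A-Za-z0-9_-]+\.)*example\.org(:\d+)?/.*"
-                      p:group="proxying-services"
-                      p:authorizedToProxy="true"
-                      p:singleLogoutParticipant="true" />
-                <bean class="net.shibboleth.idp.cas.service.ServiceDefinition"
-                      c:regex="http://([A-Za-z0-9_-]+\.)*example\.org(:\d+)?/.*"
-                      p:group="non-proxying-services"
-                      p:authorizedToProxy="false" /
-                -->
-            </list>
-        </property>
-    </bean>
-
-    <!--
-       | Advanced CAS configuration.
-       |
-       | Override default CAS components by creating aliases to custom components where the alias
-       | is the same as the default component bean ID.
-       -->
-    <!--
-    <bean id="cas.CustomTicketService"
-          class="org.example.idp.cas.CustomTicketService" />
-    <alias name="cas.CustomTicketService" alias="cas.TicketService" />
-
-    <bean id="cas.CustomProxyAuthenticator"
-          class="org.example.idp.cas.CustomProxyAuthenticator" />
-    <alias name="cas.CustomProxyAuthenticator" alias="cas.ProxyAuthenticator" />
-    -->
-</beans>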

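--- a/src/shibboleth-identity-provider-3.2.1/dist/messages/authn-messages.properties.dist
+++ b/src/shibboleth-identity-provider-3.2.1/dist/messages/authn-messages.properties.dist
@@ -1,73 +0,0 @@
-# In addition to the Apache 2.0 license, this content is also licensed
-# under the Creative Commons Attribution-ShareAlike 3.0 Unported license
-# (see http://creativecommons.org/licenses/by-sa/3.0/). 
-
-# Login / Logout messages
-
-idp.login.loginTo = Login to
-
-idp.login.username = Username
-idp.login.password = Password
-
-idp.login.donotcache = Don't Remember Login
-
-idp.login.login = Login
-idp.login.pleasewait = Logging in, please wait...
-
-idp.login.forgotPassword = Forgot your password?
-idp.login.needHelp = Need Help?
-
-# Expiring password example messages
-
-idp.login.expiringSoon = Your password will be expiring soon!
-idp.login.changePassword = To create a new password now, go to
-idp.login.proceedBegin = Your login will proceed in 20 seconds or you may click
-idp.login.proceedHere = here
-idp.login.proceedEnd = to continue
-
-# Useful links
-
-idp.url.password.reset = #
-idp.url.helpdesk = #
-
-# User Preferences example messages
-
-idp.userprefs.title = Web Login Service
-idp.userprefs.title.suffice = Login Preferences
-idp.userprefs.info = This page allows you to configure your device to tell the Web Login Service that it \
-                        can use more advanced login approaches that are more convenient, but not always usable.
-idp.userprefs.options = The following options are available:
-idp.userprefs.spnego = Automatically try desktop login when available.
-idp.userprefs.no-js = This feature requires Javascript.
-
-# Classified Login Error messages
-
-UnknownUsername = bad-username
-InvalidPassword = bad-password
-ExpiredPassword = expired-password
-AccountLocked = account-locked
-SPNEGONotAvailable = spnego-unavailable
-NTLMUnsupported = ntlm
-
-bad-username.message = The username you entered cannot be identified.
-
-bad-password.message = The password you entered was incorrect.
-
-expired-password.message = Your password has expired.
-
-account-locked.message = Your account is locked.
-
-spnego-unavailable.message = Your web browser doesn't support authentication with your desktop login credentials.
-spnego-unavailable.return = Cancel the attempt.
-
-ntlm.message = Your web browser attempted to negotiate a weaker form of desktop authentication.
-
-# Logout-related messages
-
-idp.logout.ask = Would you like to attempt to log out of all services accessed during your session? \
-                    Please select <strong>Yes</strong> or <strong>No</strong> to ensure the logout \
-                    operation completes, or wait a few seconds for Yes.
-idp.logout.contactServices = If you proceed, the system will attempt to contact the following services:
-idp.logout.complete = The logout operation is complete, and no other services appear to have been accessed during this session.
-idp.logout.local = You elected not to log out of all the applications accessed during your session.
-idp.logout.attempt = Attempting to log out of the following services: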

+ 0
- 77
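--- a/src/shibboleth-identity-provider-3.2.1/dist/messages/consent-messages.properties.dist
+++ b/src/shibboleth-identity-provider-3.2.1/dist/messages/consent-messages.properties.dist
@@ -1,77 +0,0 @@
-# In addition to the Apache 2.0 license, this content is also licensed
-# under the Creative Commons Attribution-ShareAlike 3.0 Unported license
-# (see http://creativecommons.org/licenses/by-sa/3.0/). 
-
-# General messages related to terms of use consent.
-
-idp.terms-of-use.accept     = I accept the terms of use
-idp.terms-of-use.submit     = Submit
-idp.terms-of-use.reject     = Refuse
-idp.terms-of-use.required   = Please check this box if you want to proceed.
-
-# Triples consisting of a TOU key, and a title and text for each set of terms.
-# The default implementation uses the SP name as the key, but this can be overriden.
-
-https\://sp.example.org = example-tou-1
-example-tou-1.title = Example Terms of Use
-example-tou-1.text	= <em>*** This is an example ToU - tailor due to your needs ***</em> \
-                        <p>Example organization AAI services: Terms of Use (ToU)</p> \
-                        <strong>A. Data Protection Sample Clause</strong> \
-                        <p> \
-                        "The End User notes that personal data about the End User is compiled from generally \
-                        available sources and from communications received from the End User and other \
-                        Universities as well as from off-site sources. The policy relating to the use and procession \
-                        of such data is posted on the University website at [...]. Such data will be used, inter alia, \
-                        to authenticate and authorize the access to and use of various resources within \
-                        the University and on other sites ("Approved Uses"). The End User hereby consents to \
-                        the collection, processing, use and release of such data to the extent reasonably necessary \
-                        for the Approved Uses. Such consent includes, but is not limited to, the release \
-                        of personal data to other institutions by employing cookies and electronically exchanging, \
-                        caching and storing personal authorization attributes." \
-                        </p> \
-                        <strong>B. Limitation of Liability</strong> \
-                        <p> \
-                        "To the extent permitted by the applicable law, the End User hereby waives all and any \
-                        claims for cost and damages, whether direct or indirect, incidental, or consequential(including, \
-                        inter alia, loss of use and lost profits), both in contract and in tort, arising from \
-                        the use or in any way related to the inter-organizational authentication and authorization \
-                        services which allow the End User to access certain resources of other organizations. \
-                        This waiver of claims shall be valid and effective in relation to all participants of \
-                        the inter-organizational authentication and authorization services including the AAI \
-                        Service Provider and its affiliates, officers, employees and agents." \
-                        </p>
-
-# Messages related to attribute release consent.
-
-idp.attribute-release.revoke					   = Clear prior granting of permission for release of your information to this service.
-
-idp.attribute-release.title                        = Information Release
-
-idp.attribute-release.attributesHeader             = Information to be Provided to Service
-
-idp.attribute-release.serviceNameLabel             = You are about to access the service:
-idp.attribute-release.of                           = of
-idp.attribute-release.serviceDescriptionLabel      = Description as provided by this service:
-
-idp.attribute-release.informationURLLabel          = Additional information about the service
-idp.attribute-release.privacyStatementURLLabel     = Data privacy information of the service
-
-idp.attribute-release.showDetails                  = show details
-
-idp.attribute-release.accept                       = Accept
-idp.attribute-release.reject                       = Reject
-
-idp.attribute-release.confirmationQuestion         = The information above would be shared with the service if you proceed. \
-                                                     Do you agree to release this information to the service every time you access it?
-
-idp.attribute-release.consentMethod                = Select an information release consent duration:
-idp.attribute-release.consentMethodRevoke          = This setting can be revoked at any time with the checkbox on the login page.
-
-idp.attribute-release.doNotRememberConsent         = Ask me again at next login
-idp.attribute-release.doNotRememberConsentItem     = I agree to send my information this time.
-
-idp.attribute-release.rememberConsent              = Ask me again if information to be provided to this service changes
-idp.attribute-release.rememberConsentItem          = I agree that the same information will be sent automatically to this service in the future.
-
-idp.attribute-release.globalConsent                = Do not ask me again
-idp.attribute-release.globalConsentItem            = I agree that <strong>all</strong> of my information will be released to <strong>any</strong> service.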

+ 0
- 119
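--- a/src/shibboleth-identity-provider-3.2.1/dist/messages/error-messages.properties.dist
+++ b/src/shibboleth-identity-provider-3.2.1/dist/messages/error-messages.properties.dist
@@ -1,119 +0,0 @@
-# In addition to the Apache 2.0 license, this content is also licensed
-# under the Creative Commons Attribution-ShareAlike 3.0 Unported license
-# (see http://creativecommons.org/licenses/by-sa/3.0/). 
-
-# Title / Message mappings for error view
-
-# General strings
-idp.title = Web Login Service
-idp.title.suffix = Error
-idp.logo = /images/dummylogo.png
-idp.logo.alt-text = Replace or remove this logo
-idp.message = An unidentified error occurred.
-idp.footer = Insert your footer text here.
-
-idp.client-storage-read.title = Loading Session State...
-idp.client-storage-write.title = Saving Session State...
-idp.client-storage.no-js = Since your browser does not support JavaScript, \
-                            you must press the Continue button once to proceed.
-
-# Event to error key mappings
-
-AccessDenied = access
-ContextCheckDenied = context-check-denied
-EndpointResolutionFailed = endpoint
-InvalidProfileConfiguration = relying-party
-InvalidSecurityConfiguration = security-cfg
-MessageAuthenticationError = security-msg
-MessageReplay = stale
-MessageExpired = stale
-UnableToDecode = stale
-AccountError = authn
-AuthenticationException = authn
-InvalidCredentials = authn
-NoCredentials = authn
-NoPotentialFlow = authn
-RequestUnsupported = authn
-SubjectCanonicalizationError = authn
-InvalidAttributeContext = unexpected
-InvalidAuthenticationContext = unexpected
-InvalidSubjectContext = unexpected
-InvalidSubjectCanonicalizationContext = unexpected
-InvalidMessageContext = unexpected
-InvalidMessageVersion = unexpected
-InvalidProfileContext = unexpected
-InvalidRelyingPartyContext = unexpected
-InvalidRelyingPartyConfiguration = unexpected
-MessageProcessingError = unexpected
-UnableToEncode = unexpected
-UnableToSign = unexpected
-UnableToEncrypt = unexpected
-AttributeReleaseRejected = no-release
-TermsRejected = no-terms
-RuntimeException = runtime-error
-
-# Exception to error key mappings
-
-FlowExecutionRestorationFailureException = stale
-
-# Error key to title and message mappings
-
-access.title = Access Denied
-access.message = You do not have access to the requested resource.
-
-context-check-denied.title = Access Denied
-context-check-denied.message = You are not eligible for the service requested.
-
-no-release.title = Release of Information Prevented
-no-release.message = At your request, the release of your information has been blocked. If you wish to \
-                      change your decision, you may access the service again and approve the release in the \
-                      future.
-
-no-terms.title = Terms of Use Refused
-no-terms.message = Having refused the mandatory Terms of Use, access to the service is not permitted. \
-                    If you wish to change your decision, you may access the service again and approve  \
-                    the terms in the future. 
-
-authn.title = Login Failed
-authn.message = User login was not successful or could not meet the requirements of the requesting application.
-
-endpoint.title = Unable to Respond
-endpoint.message = The login service was unable to identify a compatible way to respond to the requested \
-                    application. This is generally to due to a misconfiguration on the part of the application \
-                    and should be reported to the application's support team or owner.
-
-relying-party.title = Unsupported Request
-relying-party.message = The application you have accessed is not registered for use with this service.
-
-security-cfg.title = Security Configuration Error
-security-cfg.message = The login service and the requested application do not share a compatible \
-                        security configuration, and the request cannot be fulfilled.
-
-security-msg.title = Message Security Error
-security-msg.message = The request cannot be fulfilled because the message received does not meet the \
-                        security requirements of the login service.
-
-stale.title = Stale Request
-stale.message = <p>You may be seeing this page because you used the Back button while browsing a \
-                 secure web site or application. Alternatively, you may have mistakenly bookmarked \
-                 the web login form instead of the actual web site you wanted to bookmark or used a \
-                 link created by somebody else who made the same mistake.</p> \
-                 <br/> \
-                 <p>Left unchecked, this can cause errors on some browsers or result in you returning to \
-                 the web site you tried to leave, so this page is presented instead.</p>
-
-unexpected.title = Unexpected Error
-unexpected.message = An unexpected error was encountered, usually reflecting a configuration or software error.
-
-runtime-error.title = Uncaught Exception
-runtime-error.message = <p>A software error was encountered that prevents normal operation:</p><br/> \
-                         <p><strong>#if($exception)$encoder.encodeForHTML($exception.toString())#else$encoder.encodeForHTML($flowExecutionException.getCause().toString())#end</strong></p><br/> \
-                         <p>Please report this problem to your Help Desk or administrative staff. It has \
-                         also been logged for an administrator to review.</p>
-
-error.title = Error
-error.message = An error occurred: $eventId
-
-root.title = Shibboleth IdP
-root.message = No services are available at this location.
-root.footer = Insert your footer text here.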

+ 0
- 47
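--- a/src/shibboleth-identity-provider-3.2.1/dist/views/resolvertest.vm.dist
+++ b/src/shibboleth-identity-provider-3.2.1/dist/views/resolvertest.vm.dist
@@ -1,47 +0,0 @@
-##
-## Velocity Template for Status Reporting flow
-##
-## Velocity context will contain the following properties
-## flowRequestContext - the Spring Web Flow RequestContext
-## request - HttpServletRequest
-## response - HttpServletResponse
-## profileRequestContext
-## attributeContext
-## XMLObjectSupport
-## SerializeSupport
-## environment - Spring Environment object for property resolution
-## custom - arbitrary object injected by deployer
-##
-#if ($flowRequestContext.getCurrentEvent() and !$flowRequestContext.getCurrentEvent().getId().equals("proceed"))
-    { "error": "$flowRequestContext.getCurrentEvent().getId()" }
-    $response.setContentType("application/json")
-    #stop
-#end
-#if ($profileRequestContext.getOutboundMessageContext() and $profileRequestContext.getOutboundMessageContext().getMessage())
-$SerializeSupport.prettyPrintXML($XMLObjectSupport.marshall($profileRequestContext.getOutboundMessageContext().getMessage()))
-    $response.setContentType("text/xml")
-    #stop
-#end 
-
-{
-"requester": "$profileRequestContext.getInboundMessageContext().getMessage().getRequesterId()",
-"principal": "$profileRequestContext.getInboundMessageContext().getMessage().getPrincipal()",
-"attributes": [
-
-#foreach ($attribute in $attributeContext.getIdPAttributes())
-
-  {
-    "name": "$attribute.getId()",
-    "values": [
-      #foreach ($value in $attribute.getValues())
-        "$value.toString().replace('"','\"')"#if( $foreach.hasNext ),#end
-      #end
-    ]
-  }#if( $foreach.hasNext ),#end
-  
-#end
-
-]
-}
-
-$response.setContentType("application/json")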

+ 0
- 61
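--- a/src/shibboleth-identity-provider-3.2.1/embedded/jetty-base/etc/jetty-deploy.xml
+++ b/src/shibboleth-identity-provider-3.2.1/embedded/jetty-base/etc/jetty-deploy.xml
@@ -1,61 +0,0 @@
-<?xml version="1.0"?>
-<!DOCTYPE Configure PUBLIC "-//Jetty//Configure//EN" "http://www.eclipse.org/jetty/configure_9_0.dtd">
-
-<!-- =============================================================== -->
-<!-- Create the deployment manager                                   -->
-<!-- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -->
-<!-- The deployment manager handles the lifecycle of deploying web    -->
-<!-- applications. Apps are provided by instances of the             -->
-<!-- AppProvider interface.                                          -->
-<!-- =============================================================== -->
-<Configure id="Server" class="org.eclipse.jetty.server.Server">
-
-  <Call name="addBean">
-    <Arg>
-      <New id="DeploymentManager" class="org.eclipse.jetty.deploy.DeploymentManager">
-        <Set name="contexts">
-          <Ref refid="Contexts" />
-        </Set>
-        <Call name="setContextAttribute">
-          <Arg>org.eclipse.jetty.server.webapp.ContainerIncludeJarPattern</Arg>
-          <Arg>.*/[^/]*servlet-api-[^/]*\.jar$|.*/javax.servlet.jsp.jstl-.*\.jar$|.*/org.apache.taglibs.taglibs-standard-impl-.*\.jar$</Arg>
-        </Call>
-
-        <!-- Add a customize step to the deployment lifecycle -->
-        <!-- uncomment and replace DebugBinding with your extended AppLifeCycle.Binding class
-        <Call name="insertLifeCycleNode">
-          <Arg>deployed</Arg>
-          <Arg>starting</Arg>
-          <Arg>customise</Arg>
-        </Call>
-        <Call name="addLifeCycleBinding">
-          <Arg>
-            <New class="org.eclipse.jetty.deploy.bindings.DebugBinding">
-              <Arg>customise</Arg>
-            </New>
-          </Arg>
-        </Call> -->
-
-        <Call id="webappprovider" name="addAppProvider">
-          <Arg>
-            <New class="org.eclipse.jetty.deploy.providers.WebAppProvider">
-              <Set name="monitoredDirName"><Property name="jetty.base" default="." />/<Property name="jetty.deploy.monitoredDirName" default="webapps"/></Set>
-              <Set name="defaultsDescriptor"><Property name="jetty.home" default="." />/etc/webdefault.xml</Set>
-              <Set name="scanInterval">1</Set>
-              <Set name="extractWars">false</Set>
-              <Set name="configurationManager">
-                <New class="org.eclipse.jetty.deploy.PropertiesConfigurationManager">
-                  <!-- file of context configuration properties -->
-                  <Set name="file"><Property name="jetty.base"/>/start.d/idp.ini</Set>
-                  <!-- set a context configuration property
-                  <Call name="put"><Arg>name</Arg><Arg>value</Arg></Call>
-                  -->
-                </New>
-              </Set>
-            </New>
-          </Arg>
-        </Call>
-      </New>
-    </Arg>
-  </Call>
-</Configure>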

+ 0
- 24
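--- a/src/shibboleth-identity-provider-3.2.1/embedded/jetty-base/etc/jetty-requestlog.xml
+++ b/src/shibboleth-identity-provider-3.2.1/embedded/jetty-base/etc/jetty-requestlog.xml
@@ -1,24 +0,0 @@
-<?xml version="1.0"?>
-<!DOCTYPE Configure PUBLIC "-//Jetty//Configure//EN" "http://www.eclipse.org/jetty/configure_9_0.dtd">
- 
-<!-- =============================================================== -->
-<!-- Configure the Jetty Request Log                                 -->
-<!-- =============================================================== -->
-<Configure id="Server" class="org.eclipse.jetty.server.Server">
-  <!-- =========================================================== -->
-  <!-- Configure Request Log -->
-  <!-- =========================================================== -->
-  <Ref refid="Handlers">
-    <Call name="addHandler">
-      <Arg>
-        <New id="RequestLog" class="org.eclipse.jetty.server.handler.RequestLogHandler">
-          <Set name="requestLog">
-            <New id="RequestLogImpl" class="ch.qos.logback.access.jetty.RequestLogImpl">
-              <Set name="fileName"><Property name="jetty.base" default="." />/resources/logback-access.xml</Set>
-            </New>
-          </Set>
-        </New>
-      </Arg>
-    </Call>
-  </Ref>
-</Configure>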

+ 0
- 343
src/shibboleth-identity-provider-3.2.1/embedded/jetty-base/etc/jetty.xml View File

@@ -1,343 +0,0 @@
1
-<?xml version="1.0"?>
2
-<!DOCTYPE Configure PUBLIC "-//Jetty//Configure//EN" "http://www.eclipse.org/jetty/configure_9_0.dtd">
3
-<!-- 
4
-    NOTE NOTE NOTE NOTE NOTE NOTE NOTE NOTE NOTE NOTE NOTE NOTE NOTE
5
-    
6
-    Automated install on Windows will overwrite this file.  If you edit
7
-    this file you will lose your changes on each upgrade.
8
-    
9
-    If you need to change this file you need to manage your container
10
-    yourself and not rely on the windows installer to upgrade your
11
-    system.
12
-    
13
-    If you believe that your change is generally useful, please submit
14
-    an RFI at https://issues.shibboleth.net/ 
15
-
16
- -->
17
-<!-- =============================================================== -->
18
-<!-- Documentation of this file format can be found at:              -->
19
-<!-- http://wiki.eclipse.org/Jetty/Reference/jetty.xml_syntax        -->
20
-<!--                                                                 -->
21
-<!-- Additional configuration files are available in $JETTY_HOME/etc -->
22
-<!-- and can be mixed in. See start.ini file for the default         -->
23
-<!-- configuration files.                                            -->
24
-<!--                                                                 -->
25
-<!-- For a description of the configuration mechanism, see the       -->
26
-<!-- output of:                                                      -->
27
-<!--   java -jar start.jar -?                                        -->
28
-<!-- =============================================================== -->
29
-
30
-<!-- =============================================================== -->
31
-<!-- Configure a Jetty Server instance with an ID "Server"           -->
32
-<!-- Other configuration files may also configure the "Server"       -->
33
-<!-- ID, in which case they are adding configuration to the same     -->
34
-<!-- instance.  If other configuration have a different ID, they     -->
35
-<!-- will create and configure another instance of Jetty.            -->
36
-<!-- Consult the javadoc of o.e.j.server.Server for all              -->
37
-<!-- configuration that may be set here.                             -->
38
-<!-- =============================================================== -->
39
-<Configure id="Server" class="org.eclipse.jetty.server.Server">
40
-
41
-    <!-- =========================================================== -->
42
-    <!-- Configure the Server Thread Pool.                           -->
43
-    <!-- The server holds a common thread pool which is used by      -->
44
-    <!-- default as the executor used by all connectors and servlet  -->
45
-    <!-- dispatches.                                                 -->
46
-    <!--                                                             -->
47
-    <!-- Configuring a fixed thread pool is vital to controlling the -->
48
-    <!-- maximal memory footprint of the server and is a key tuning  -->
49
-    <!-- parameter for tuning.  In an application that rarely blocks -->
50
-    <!-- then maximal threads may be close to the number of 5*CPUs.  -->
51
-    <!-- In an application that frequently blocks, then maximal      -->
52
-    <!-- threads should be set as high as possible given the memory  -->
53
-    <!-- available.                                                  -->
54
-    <!--                                                             -->
55
-    <!-- Consult the javadoc of o.e.j.util.thread.QueuedThreadPool   -->
56
-    <!-- for all configuration that may be set here.                 -->
57
-    <!-- =========================================================== -->
58
-    <Get name="ThreadPool">
59
-      <Set name="minThreads" type="int"><Property name="threads.min" default="10" /></Set>
60
-      <Set name="maxThreads" type="int"><Property name="threads.max" default="200" /></Set>
61
-      <Set name="idleTimeout" type="int"><Property name="threads.timeout" default="60000" /></Set>
62
-      <Set name="detailedDump">false</Set>
63
-    </Get>
64
-
65
-    <!-- =========================================================== -->
66
-    <!-- Add shared Scheduler instance                               -->
67
-    <!-- =========================================================== -->
68
-    <Call name="addBean">
69
-      <Arg>
70
-        <New class="org.eclipse.jetty.util.thread.ScheduledExecutorScheduler" />
71
-      </Arg>
72
-    </Call>
73
-
74
-    <!-- =========================================================== -->
75
-    <!-- Http Configuration.                                         -->
76
-    <!-- This is a common configuration instance used by all         -->
77
-    <!-- connectors that can carry HTTP semantics (HTTP, HTTPS, SPDY)-->
78
-    <!-- It configures the non wire protocol aspects of the HTTP     -->
79
-    <!-- semantic.                                                   -->
80
-    <!--                                                             -->
81
-    <!-- Consult the javadoc of o.e.j.server.HttpConfiguration       -->
82
-    <!-- for all configuration that may be set here.                 -->
83
-    <!-- =========================================================== -->
84
-    <New id="httpConfig" class="org.eclipse.jetty.server.HttpConfiguration">
85
-      <Set name="secureScheme">https</Set>
86
-      <Set name="securePort"><Property name="jetty.secure.port" default="8443" /></Set>
87
-      <Set name="outputBufferSize"><Property name="jetty.output.buffer.size" default="32768" /></Set>
88
-      <Set name="requestHeaderSize"><Property name="jetty.request.header.size" default="8192" /></Set>
89
-      <Set name="responseHeaderSize"><Property name="jetty.response.header.size" default="8192" /></Set>
90
-      <Set name="sendServerVersion"><Property name="jetty.send.server.version" default="true" /></Set>
91
-      <Set name="sendDateHeader"><Property name="jetty.send.date.header" default="false" /></Set>
92
-      <Set name="headerCacheSize">512</Set>
93
-      <!-- Uncomment to enable handling of X-Forwarded- style headers
94
-      <Call name="addCustomizer">
95
-        <Arg><New class="org.eclipse.jetty.server.ForwardedRequestCustomizer"/></Arg>
96
-      </Call>
97
-      -->
98
-    </New>
99
-
100
-
101
-    <!-- =========================================================== -->
102
-    <!-- Add a HTTP Connector.                                       -->
103
-    <!-- Configure an o.e.j.server.ServerConnector with a single     -->
104
-    <!-- HttpConnectionFactory instance using the common httpConfig  -->
105
-    <!-- instance defined in jetty.xml                               -->
106
-    <!--                                                             -->
107
-    <!-- Consult the javadoc of o.e.j.server.ServerConnector and     -->
108
-    <!-- o.e.j.server.HttpConnectionFactory for all configuration    -->
109
-    <!-- that may be set here.                                       -->
110
-    <!-- =========================================================== -->
111
-
112
-    <Call name="addConnector">
113
-      <Arg>
114
-        <New class="org.eclipse.jetty.server.ServerConnector">
115
-          <Arg name="server"><Ref refid="Server" /></Arg>
116
-          <Arg name="factories">
117
-            <Array type="org.eclipse.jetty.server.ConnectionFactory">
118
-              <Item>
119
-                <New class="org.eclipse.jetty.server.HttpConnectionFactory">
120
-                  <Arg name="config"><Ref refid="httpConfig" /></Arg>
121
-                </New>
122
-              </Item>
123
-            </Array>
124
-          </Arg>
125
-          <Set name="host"><Property name="jetty.nonhttps.host" default="localhost" /></Set>
126
-          <Set name="port"><Property name="jetty.nonhttps.port" default="8080" /></Set>
127
-          <Set name="idleTimeout"><Property name="http.timeout" default="30000" /></Set>
128
-          <Set name="soLingerTime"><Property name="http.soLingerTime" default="-1"/></Set>
129
-        </New>
130
-      </Arg>
131
-    </Call>
132
-
133
-    <!-- ============================================================= -->
134
-    <!-- Configure a TLS (SSL) Context Factory                         -->
135
-    <!-- ============================================================= -->
136
-    <New id="sslContextFactory" class="org.eclipse.jetty.util.ssl.SslContextFactory">
137
-      <Set name="KeyStorePath"><Property name="jetty.browser.keystore.path" /></Set>
138
-      <Set name="KeyStoreType"><Property name="jetty.browser.keystore.type" /></Set>
139
-      <Set name="KeyStorePassword"><Property name="jetty.browser.keystore.password" /></Set>
140
-      <Set name="EndpointIdentificationAlgorithm"></Set>
141
-      <Set name="NeedClientAuth"><Property name="jetty.ssl.needClientAuth" default="false"/></Set>
142
-      <Set name="WantClientAuth"><Property name="jetty.ssl.wantClientAuth" default="false"/></Set>
143
-      <Set name="excludeProtocols">
144
-        <Array type="String">
145
-          <Item>SSLv3</Item>
146
-        </Array>
147
-     </Set>
148
-      <Set name="IncludeCipherSuites">
149
-        <Array type="String">
150
-          <Item>TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256</Item>
151
-          <Item>TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384</Item>
152
-
153
-          <Item>TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256</Item>
154
-          <Item>TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384</Item>
155
-
156
-          <Item>TLS_RSA_WITH_AES_128_GCM_SHA256</Item>
157
-          <Item>TLS_RSA_WITH_AES_256_GCM_SHA384</Item>
158
-
159
-          <Item>TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256</Item>
160
-          <Item>TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384</Item>
161
-          <Item>TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA</Item>
162
-          <Item>TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA</Item>
163
-          <Item>TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA</Item>
164
-
165
-          <Item>TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256</Item>
166
-          <Item>TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384</Item>
167
-          <Item>TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA</Item>
168
-          <Item>TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA</Item>
169
-          <Item>TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA</Item>
170
-
171
-          <Item>TLS_RSA_WITH_AES_128_CBC_SHA256</Item>
172
-          <Item>TLS_RSA_WITH_AES_128_CBC_SHA</Item>
173
-          <Item>TLS_RSA_WITH_AES_256_CBC_SHA</Item>
174
-          <Item>SSL_RSA_WITH_3DES_EDE_CBC_SHA</Item>
175
-        </Array>
176
-      </Set>
177
-    </New>
178
-
179
-    <!-- ============================================================= -->
180
-    <!-- Configure a No-Validation TLS (SSL) Context Factory           -->
181
-    <!-- ============================================================= -->
182
-    <New id="shibContextFactory" class="net.shibboleth.utilities.jetty9.DelegateToApplicationSslContextFactory">
183
-      <Set name="KeyStorePath"><Property name="jetty.backchannel.keystore.path" /></Set>
184
-      <Set name="KeyStoreType"><Property name="jetty.backchannel.keystore.type" /></Set>
185
-      <Set name="KeyStorePassword"><Property name="jetty.backchannel.keystore.password" /></Set>
186
-      <Set name="EndpointIdentificationAlgorithm"></Set>
187
-      <Set name="excludeProtocols">
188
-        <Array type="String">
189
-          <Item>SSLv3</Item>
190
-        </Array>
191
-     </Set>
192
-      <Set name="IncludeCipherSuites">
193
-        <Array type="String">
194
-          <Item>TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256</Item>
195
-          <Item>TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384</Item>
196
-
197
-          <Item>TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256</Item>
198
-          <Item>TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384</Item>
199
-
200
-          <Item>TLS_RSA_WITH_AES_128_GCM_SHA256</Item>
201
-          <Item>TLS_RSA_WITH_AES_256_GCM_SHA384</Item>
202
-
203
-          <Item>TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256</Item>
204
-          <Item>TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384</Item>
205
-          <Item>TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA</Item>
206
-          <Item>TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA</Item>
207
-
208
-          <Item>TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256</Item>
209
-          <Item>TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384</Item>
210
-          <Item>TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA</Item>
211
-          <Item>TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA</Item>
212
-
213
-          <Item>TLS_RSA_WITH_AES_128_CBC_SHA256</Item>
214
-          <Item>TLS_RSA_WITH_AES_256_CBC_SHA384</Item>
215
-          <Item>TLS_RSA_WITH_AES_128_CBC_SHA</Item>
216
-          <Item>TLS_RSA_WITH_AES_256_CBC_SHA</Item>
217
-        </Array>
218
-      </Set>
219
-    </New>
220
-
221
-    <!-- =========================================================== -->
222
-    <!-- Create a TLS specific HttpConfiguration based on the        -->
223
-    <!-- common HttpConfiguration defined in jetty.xml               -->
224
-    <!-- Add a SecureRequestCustomizer to extract certificate and    -->
225
-    <!-- session information                                         -->
226
-    <!-- =========================================================== -->
227
-    <New id="sslHttpConfig" class="org.eclipse.jetty.server.HttpConfiguration">
228
-      <Arg><Ref refid="httpConfig" /></Arg>
229
-      <Call name="addCustomizer">
230
-        <Arg><New class="org.eclipse.jetty.server.SecureRequestCustomizer" /></Arg>
231
-      </Call>
232
-    </New>
233
-
234
-    <!-- =========================================================== -->
235
-    <!-- Add a HTTPS Connector.                                      -->
236
-    <!-- Configure an o.e.j.server.ServerConnector with connection   -->
237
-    <!-- factories for TLS (aka SSL) and HTTP to provide HTTPS.      -->
238
-    <!-- All accepted TLS connections are wired to a HTTP connection.-->
239
-    <!--                                                             -->
240
-    <!-- Consult the javadoc of o.e.j.server.ServerConnector,        -->
241
-    <!-- o.e.j.server.SslConnectionFactory and                       -->
242
-    <!-- o.e.j.server.HttpConnectionFactory for all configuration    -->
243
-    <!-- that may be set here.                                       -->
244
-    <!-- =========================================================== -->
245
-    <Call id="httpsConnector" name="addConnector">
246
-      <Arg>
247
-        <New class="org.eclipse.jetty.server.ServerConnector">
248
-          <Arg name="server"><Ref refid="Server" /></Arg>
249
-          <Arg name="factories">
250
-            <Array type="org.eclipse.jetty.server.ConnectionFactory">
251
-              <Item>
252
-                <New class="org.eclipse.jetty.server.SslConnectionFactory">
253
-                  <Arg name="next">http/1.1</Arg>
254
-                  <Arg name="sslContextFactory"><Ref refid="sslContextFactory" /></Arg>
255
-                </New>
256
-              </Item>
257
-              <Item>
258
-                <New class="org.eclipse.jetty.server.HttpConnectionFactory">
259
-                  <Arg name="config"><Ref refid="sslHttpConfig" /></Arg>
260
-                </New>
261
-              </Item>
262
-            </Array>
263
-          </Arg>
264
-          <Set name="host"><Property name="jetty.host" default="localhost" /></Set>
265
-          <Set name="port"><Property name="jetty.https.port" default="8443" /></Set>
266
-          <Set name="idleTimeout"><Property name="https.timeout" default="30000"/></Set>
267
-          <Set name="soLingerTime"><Property name="https.soLingerTime" default="-1"/></Set>
268
-        </New>
269
-      </Arg>
270
-    </Call>
271
-
272
-    <!-- =========================================================== -->
273
-    <!-- Add a HTTPS Connector for SOAP                              -->
274
-    <!-- Configure an o.e.j.server.ServerConnector with connection   -->
275
-    <!-- factories for TLS (aka SSL) and HTTP to provide HTTPS.      -->
276
-    <!-- All accepted TLS connections are wired to a HTTP connection.-->
277
-    <!--                                                             -->
278
-    <!-- Consult the javadoc of o.e.j.server.ServerConnector,        -->
279
-    <!-- o.e.j.server.SslConnectionFactory and                       -->
280
-    <!-- o.e.j.server.HttpConnectionFactory for all configuration    -->
281
-    <!-- that may be set here.                                       -->
282
-    <!-- =========================================================== -->
283
-    <Call id="httpsSOAPConnector" name="addConnector">
284
-      <Arg>
285
-        <New class="org.eclipse.jetty.server.ServerConnector">
286
-          <Arg name="server"><Ref refid="Server" /></Arg>
287
-          <Arg name="factories">
288
-            <Array type="org.eclipse.jetty.server.ConnectionFactory">
289
-              <Item>
290
-                <New class="org.eclipse.jetty.server.SslConnectionFactory">
291
-                  <Arg name="next">http/1.1</Arg>
292
-                  <Arg name="sslContextFactory"><Ref refid="shibContextFactory" /></Arg>
293
-                </New>
294
-              </Item>
295
-              <Item>
296
-                <New class="org.eclipse.jetty.server.HttpConnectionFactory">
297
-                  <Arg name="config"><Ref refid="sslHttpConfig" /></Arg>
298
-                </New>
299
-              </Item>
300
-            </Array>
301
-          </Arg>
302
-          <Set name="host"><Property name="jetty.host" default="localhost" /></Set>
303
-          <Set name="port"><Property name="jetty.backchannel.port" default="9443" /></Set>
304
-          <Set name="idleTimeout">30000</Set>
305
-        </New>
306
-      </Arg>
307
-    </Call>
308
-
309
-    <!-- =========================================================== -->
310
-    <!-- Set the default handler structure for the Server            -->
311
-    <!-- A handler collection is used to pass received requests to   -->
312
-    <!-- both the ContextHandlerCollection, which selects the next   -->
313
-    <!-- handler by context path and virtual host, and the           -->
314
-    <!-- DefaultHandler, which handles any requests not handled by   -->
315
-    <!-- the context handlers.                                       -->
316
-    <!-- Other handlers may be added to the "Handlers" collection,   -->
317
-    <!-- for example the jetty-requestlog.xml file adds the          -->
318
-    <!-- RequestLogHandler after the default handler                 -->
319
-    <!-- =========================================================== -->
320
-    <Set name="handler">
321
-      <New id="Handlers" class="org.eclipse.jetty.server.handler.HandlerCollection">
322
-        <Set name="handlers">
323
-          <Array type="org.eclipse.jetty.server.Handler">
324
-            <Item>
325
-              <New id="Contexts" class="org.eclipse.jetty.server.handler.ContextHandlerCollection" />
326
-            </Item>
327
-            <Item>
328
-              <New id="DefaultHandler" class="org.eclipse.jetty.server.handler.DefaultHandler" />
329
-            </Item>
330
-          </Array>
331
-        </Set>
332
-      </New>
333
-    </Set>
334
-
335
-    <!-- =========================================================== -->
336
-    <!-- extra server options                                        -->
337
-    <!-- =========================================================== -->
338
-    <Set name="stopAtShutdown">true</Set>
339
-    <Set name="stopTimeout">5000</Set>
340
-    <Set name="dumpAfterStart"><Property name="jetty.dump.start" default="false" /></Set>
341
-    <Set name="dumpBeforeStop"><Property name="jetty.dump.stop" default="false" /></Set>
342
-
343
-</Configure>

BIN
src/shibboleth-identity-provider-3.2.1/embedded/jetty-base/lib/ext/jetty9-dta-ssl-1.0.0.jar


BIN
src/shibboleth-identity-provider-3.2.1/embedded/jetty-base/lib/logging/jcl-over-slf4j-1.7.12.jar


BIN
src/shibboleth-identity-provider-3.2.1/embedded/jetty-base/lib/logging/logback-access-1.1.3.jar


BIN
src/shibboleth-identity-provider-3.2.1/embedded/jetty-base/lib/logging/logback-classic-1.1.3.jar


BIN
src/shibboleth-identity-provider-3.2.1/embedded/jetty-base/lib/logging/logback-core-1.1.3.jar


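--- a/src/shibboleth-identity-provider-3.2.1/embedded/jetty-base/resources/logback-access.xml
+++ b/src/shibboleth-identity-provider-3.2.1/embedded/jetty-base/resources/logback-access.xml
@@ -1,14 +0,0 @@
-<configuration>
-  <statusListener class="ch.qos.logback.core.status.OnConsoleStatusListener" /> 
-  <appender name="FILE" class="ch.qos.logback.core.rolling.RollingFileAppender">
-    <file>${jetty.base}/logs/access.log</file>
-    <rollingPolicy class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy">
-      <fileNamePattern>${jetty.base}/logs/access-%d{yyyy-MM-dd}.log.gz</fileNamePattern>
-    </rollingPolicy>
-    <encoder>
-      <pattern>combined</pattern>
-    </encoder>
-  </appender>
-  
-  <appender-ref ref="FILE" />
-</configuration>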

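--- a/src/shibboleth-identity-provider-3.2.1/embedded/jetty-base/resources/logback.xml
+++ b/src/shibboleth-identity-provider-3.2.1/embedded/jetty-base/resources/logback.xml
@@ -1,21 +0,0 @@
-<?xml version="1.0" encoding="UTF-8"?>
-<configuration scan="true">
-    <appender name="jetty" class="ch.qos.logback.core.rolling.RollingFileAppender">
-        <File>${jetty.base}/logs/jetty.log</File>
-         
-        <rollingPolicy class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy">
-            <FileNamePattern>${jetty.base}/logs/jetty-%d{yyyy-MM-dd}.log.gz</FileNamePattern>
-        </rollingPolicy>
- 
-        <encoder class="ch.qos.logback.classic.encoder.PatternLayoutEncoder">
-            <charset>UTF-8</charset>
-            <Pattern>%date{HH:mm:ss.SSS} - %level [%logger:%line] - %msg%n</Pattern>
-        </encoder>
-    </appender>
-   
-    <root level="DEBUG">
-        <appender-ref ref="jetty" />
-    </root>
-    <logger name="org.springframework" level="OFF" />
-    <logger name="ch.qos.logback" level="WARN" />
-</configuration>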

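--- a/src/shibboleth-identity-provider-3.2.1/embedded/jetty-base/start.d/idp.ini
+++ b/src/shibboleth-identity-provider-3.2.1/embedded/jetty-base/start.d/idp.ini
@@ -1,49 +0,0 @@
-#
-# Note for Windows users:
-#
-# These are the only properties which are guaranteed to work between upgrades.  You may find 
-# more in jetty.xml and add them here and they may work. 
-# 
-# To repeat, only properties listed below are guarantee to work between upgrades.
-#
-
-# The interface to listen on. To listen on all interfaces, set jetty.host = 0.0.0.0
-jetty.host=localhost
-
-# The HTTPS port
-jetty.https.port=8443
-
-# The SOAP endpoint port
-jetty.backchannel.port=9443
-
-# Absolute path to keystores
-jetty.backchannel.keystore.path=../credentials/idp-backchannel.p12
-jetty.browser.keystore.path=../credentials/idp-userfacing.p12
-
-# Keystore passwords
-jetty.backchannel.keystore.password=changeit
-jetty.browser.keystore.password=changeit
-
-# Keystore types
-jetty.backchannel.keystore.type=PKCS12
-jetty.browser.keystore.type=PKCS12
-
-# The IdP webapp context path
-jetty.context.path=/idp
-
-# Path to IdP WAR (dir or file), relative to ${jetty.base} directory
-jetty.war.path=../webapp
-
-# Path to JAAS config
-jetty.jaas.path=conf/authn/jaas.config
-
-#Path to statically served.  This is relative to ${jetty.base} directory
-#jetty.static.data.path=../static
-
-#
-# Configuration for the non https connection.
-# 
-# In general, do not modify these values
-#
-jetty.nonhttps.host=localhost
-jetty.nonhttps.port=8080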

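--- a/src/shibboleth-identity-provider-3.2.1/embedded/jetty-base/start.d/jsp.ini
+++ b/src/shibboleth-identity-provider-3.2.1/embedded/jetty-base/start.d/jsp.ini
@@ -1,15 +0,0 @@
-#
-# Initialize module jsp
-#
---module=jsp
-# JSP Configuration
-
-# Select JSP implementation, choices are
-#   glassfish : The reference implementation
-#               default in jetty <= 9.1
-#   apache    : The apache version
-#               default jetty >= 9.2
-jsp-impl=apache
-
-# To use a non-jdk compiler for JSP compilation when using glassfish uncomment next line
-# -Dorg.apache.jasper.compiler.disablejsr199=true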

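--- a/src/shibboleth-identity-provider-3.2.1/embedded/jetty-base/start.d/jstl.ini
+++ b/src/shibboleth-identity-provider-3.2.1/embedded/jetty-base/start.d/jstl.ini
@@ -1,9 +0,0 @@
-#
-# Initialize module jstl
-#
---module=jstl
-# JSTL Configuration
-# The glassfish jsp-impl includes JSTL by default and this module
-# is not required to activate it.
-# The apache jsp-impl does not include JSTL by default and this module
-# is required to put JSTL on the container classpath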

+ 0
- 125
src/shibboleth-identity-provider-3.2.1/embedded/jetty-base/start.ini

@@ -1,125 +0,0 @@
1
-#===========================================================
2
-# Jetty start.jar arguments
3
-#
4
-# The contents of this file, together with the *.ini
5
-# files found in start.d directory are used to build
6
-# the classpath and command line on a call to
7
-#    java -jar start.jar [arg...]
8
-#
9
-# Use the following command to see more options
10
-#    java -jar start.jar --help
11
-#
12
-# Each line in these files is prepended to the command line
13