Eolisation d'un Fournisseur d'identité Shibboleth / Eole Shibboleth IDP integration

services.xml 6.8KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145
  1. <beans xmlns="http://www.springframework.org/schema/beans"
  2. xmlns:context="http://www.springframework.org/schema/context"
  3. xmlns:util="http://www.springframework.org/schema/util" xmlns:p="http://www.springframework.org/schema/p"
  4. xmlns:c="http://www.springframework.org/schema/c" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
  5. xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans.xsd
  6. http://www.springframework.org/schema/context http://www.springframework.org/schema/context/spring-context.xsd
  7. http://www.springframework.org/schema/util http://www.springframework.org/schema/util/spring-util.xsd">
  8. <!-- Advanced configuration of services from SVN.
  9. To use an SVN resource you need to construct it and then inject it into
  10. The appropriate bean. To use property replacement you will need a separate
  11. resource pointing to the replacement phrase.
  12. For example:
  13. <bean id="AuthnMgr" class="org.tmatesoft.svn.core.auth.BasicAuthenticationManager">
  14. <constructor-arg>
  15. <null />
  16. </constructor-arg>
  17. </bean>
  18. <bean id="ClientMgr" factory-method="newInstance"
  19. class="org.tmatesoft.svn.core.wc.SVNClientManager"
  20. p:authenticationManager-ref="AuthnMgr" />
  21. <bean id="TheSVNURL" factory-method="create"
  22. class="org.tmatesoft.svn.core.SVNURL">
  23. <constructor-arg value="https" />
  24. <constructor-arg>
  25. <null />
  26. </constructor-arg>
  27. <constructor-arg value="svn.shibboleth.net" />
  28. <constructor-arg value="-1" />
  29. <constructor-arg
  30. value="/utilities/spring-extensions/trunk/src/test/resources/data/" />
  31. <constructor-arg value="false" />
  32. </bean>
  33. <bean id="TheSVNResource" class="net.shibboleth.ext.spring.resource.SVNResource">
  34. <constructor-arg ref="ClientMgr" />
  35. <constructor-arg ref="TheSVNURL" />
  36. <constructor-arg value="D:/testdir/dir" />
  37. <constructor-arg value="-1" />
  38. <constructor-arg value="TestResource.txt" />
  39. </bean>
  40. <util:list id="shibboleth.AttributeResolverResources">
  41. <ref bean="TheSVNResource"/>
  42. <value>path_to_properties_specifyingBean_file</value>
  43. </util:list>
  44. see also https://wiki.shibboleth.net/confluence/display/IDP30/SVNResource
  45. http://svnkit.com/javadoc/org/tmatesoft/svn/core/auth/BasicAuthenticationManager.html#constructor_detail
  46. http://svnkit.com/javadoc/org/tmatesoft/svn/core/SVNURL.html
  47. -->
  48. <!-- Advanced configuration of services from HTTP.
  49. To use an HTTP resource you first need to configure the Apache HttpClient which will be used
  50. to communicate with the web server. Any HttpClient can be used, but two Factory Beans allow simple
  51. configuration of in-memory or file-based caching clients.
  52. Examples are:
  53. A resource which will be supplied from an in-memory cache for as long as the file on the webserver does not change.
  54. If the webserver becomes unavailable the resource will be unavailable.
  55. <bean id="inMemoryResource" class="net.shibboleth.ext.spring.resource.HTTPResource"
  56. c:client-ref="shibboleth.MemoryCachingHttpClient"
  57. c:url="http://example.org/path/to/file.xml" />
  58. Two resources which will be supplied from an on disk cache (suitable for multiple or large files) for as long
  59. as the file on the webserver does not change. If the webserver becomes unavailable the last used contents
  60. of the file will be returned (even if that was in a previous IdP lifetime).
  61. <bean id="fileResource" class="net.shibboleth.ext.spring.resource.FileBackedHTTPResource"
  62. c:client-ref="shibboleth.FileCachingHttpClient"
  63. c:url="http://example.org/path/to/file.xml"
  64. c:backingFile="/var/shibboleth/caches/resourcecache/file.xml"/>
  65. <bean id="otherFileResource" class="net.shibboleth.ext.spring.resource.FileBackedHTTPResource"
  66. c:client-ref="shibboleth.FileCachingHttpClient"
  67. c:url="http://another.server.example.org/path/to/different/file.xml"
  68. c:backingFile="/var/shibboleth/caches/resourcecache/differentFile.xml"/>
  69. In all cases you should review the "idp.httpclient.*" properties defined in services.properties
  70. -->
  71. <!--
  72. Otherwise by default we look at resources whose names are derived from %{idp.home}. Services not configured
  73. using native Spring syntax also need to load the property-placeholder file in order to pull settings from
  74. property sources.
  75. -->
  76. <!-- This set of resources supports a native Spring relying-party.xml file. -->
  77. <util:list id="shibboleth.RelyingPartyResolverResources">
  78. <value>%{idp.home}/conf/relying-party.xml</value>
  79. <value>%{idp.home}/conf/credentials.xml</value>
  80. <value>%{idp.home}/system/conf/relying-party-system.xml</value>
  81. </util:list>
  82. <!-- This set of resources supports a legacy 2.x relying-party.xml file. -->
  83. <util:list id="shibboleth.LegacyRelyingPartyResolverResources">
  84. <value>%{idp.home}/conf/relying-party.xml</value>
  85. <value>%{idp.home}/system/conf/legacy-relying-party-defaults.xml</value>
  86. </util:list>
  87. <util:list id="shibboleth.MetadataResolverResources">
  88. <value>%{idp.home}/conf/metadata-providers.xml</value>
  89. <value>%{idp.home}/system/conf/metadata-providers-system.xml</value>
  90. </util:list>
  91. <util:list id ="shibboleth.AttributeResolverResources">
  92. <value>%{idp.home}/conf/attribute-resolver-ldap.xml</value>
  93. </util:list>
  94. <util:list id ="shibboleth.AttributeFilterResources">
  95. <value>%{idp.home}/conf/attribute-filter.xml</value>
  96. </util:list>
  97. <util:list id ="shibboleth.NameIdentifierGenerationResources">
  98. <value>%{idp.home}/conf/saml-nameid.xml</value>
  99. <value>%{idp.home}/system/conf/saml-nameid-system.xml</value>
  100. </util:list>
  101. <util:list id="shibboleth.AccessControlResources">
  102. <value>%{idp.home}/conf/access-control.xml</value>
  103. <value>%{idp.home}/system/conf/access-control-system.xml</value>
  104. </util:list>
  105. <util:list id="shibboleth.CASServiceRegistryResources">
  106. <value>%{idp.home}/conf/cas-protocol.xml</value>
  107. </util:list>
  108. <!--
  109. This collection of resources differs slightly in that it should not include the file extension.
  110. Message sources are internationalized, and Spring will search for a compatible language extension
  111. and fall back to one with a .properties extension.
  112. -->
  113. <util:list id="shibboleth.MessageSourceResources">
  114. <value>%{idp.home}/messages/authn-messages</value>
  115. <value>%{idp.home}/messages/consent-messages</value>
  116. <value>%{idp.home}/messages/error-messages</value>
  117. </util:list>
  118. </beans>