The <md:EntitiesDescriptor> element of a remotely obtained metadata file should be decorated with a validUntil XML attribute. Before the metadata is loaded, the expiration date is checked. If the validUntil attribute indicates the metadata is expired, the metadata is discarded.
The validity check described in the previous paragraph is always performed, regardless of the filters applied to the metadata. In addition to this basic validity check, the RequiredValidUntil filter is used to detect metadata that never expires or has too long a validity period, both of which undermine the usual trust model supported by Shibboleth. In particular, the RequiredValidUntil filter refuses to load the metadata if either of the following conditions is true:
- The root XML element does not contain a validUntil attribute
- The value of the validUntil attribute is too far into the future, as specified by the maxValidityInterval attribute
Metadata expiry is important!

In practice, a SignatureValidation filter and a RequiredValidUntil filter are often used together to securely obtain remote metadata via HTTP. See the DynamicHTTPMetadataProvider topic for explicit configuration examples. Other distribution models are discussed in the TrustManagement topic.
The <MetadataFilter> element and the type RequiredValidUntil are defined by the urn:mace:shibboleth:2.0:metadata schema, which can be located at http://shibboleth.net/schema/idp/shibboleth-metadata.xsd.
| Attribute | Type | Description |
|---|---|---|
| maxValidityInterval | ISO 8601 duration | Defines the window within which the metadata is valid. If the maxValidityInterval XML attribute is omitted, any value of validUntil will be accepted (which is probably not what you want to do). |
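The following is an added example, not Shibboleth code, that models the two checks described on this page: the basic validUntil expiry check that always runs, and the RequiredValidUntil filter that additionally refuses metadata with no validUntil attribute or with a validity window longer than maxValidityInterval. The metadata document, the federation name, the entityID and the evaluation time are constructed for the example; the ISO 8601 duration parser covers only the week/day/time designators (no years or months), which is an assumption of this example rather than a statement about the IdP's own parser.

```python
"""Model of the validUntil checks (added example, not Shibboleth's code)."""
import re
import xml.etree.ElementTree as ET
from datetime import datetime, timedelta, timezone
from typing import Optional

MD_NS = "urn:oasis:names:tc:SAML:2.0:metadata"

# Subset of ISO 8601 durations: PnW, or PnDTnHnMnS with any part omitted.
# Year and month designators are refused on purpose: their length depends on
# the calendar, so no fixed window can be derived from them here.
_DURATION_RE = re.compile(
    r"^P(?:(?P<weeks>\d+)W|(?:(?P<days>\d+)D)?"
    r"(?:T(?:(?P<hours>\d+)H)?(?:(?P<minutes>\d+)M)?"
    r"(?:(?P<seconds>\d+(?:\.\d+)?)S)?)?)$"
)


def parse_iso8601_duration(text: str) -> timedelta:
    """Convert e.g. 'P14D' or 'PT36H' into a timedelta; raise on anything else."""
    m = _DURATION_RE.match(text)
    if m is None or not any(m.groupdict().values()):
        raise ValueError(f"unsupported ISO 8601 duration: {text!r}")
    parts = {k: float(v) for k, v in m.groupdict().items() if v is not None}
    return timedelta(**parts)


def parse_xsd_datetime(text: str) -> datetime:
    """Parse the xsd:dateTime used by validUntil; it must carry a time zone."""
    dt = datetime.fromisoformat(text.replace("Z", "+00:00"))
    if dt.tzinfo is None:
        raise ValueError("validUntil must include a time zone")
    return dt


def evaluate_metadata(xml_text: str, now: datetime,
                      required_valid_until: bool = False,
                      max_validity_interval: Optional[str] = None) -> str:
    """Return 'accepted' or a 'refused: ...' reason.

    required_valid_until models whether a RequiredValidUntil filter is
    configured; max_validity_interval is its maxValidityInterval attribute.
    """
    root = ET.fromstring(xml_text)
    if root.tag not in (f"{{{MD_NS}}}EntitiesDescriptor",
                        f"{{{MD_NS}}}EntityDescriptor"):
        return "refused: root element is not SAML metadata"
    valid_until = root.get("validUntil")

    # Basic check, always performed: expired metadata is discarded.
    if valid_until is not None and parse_xsd_datetime(valid_until) <= now:
        return "refused: metadata expired"

    if required_valid_until:
        if valid_until is None:
            return "refused: root element has no validUntil attribute"
        # With maxValidityInterval omitted, any future validUntil is accepted.
        if max_validity_interval is not None:
            limit = now + parse_iso8601_duration(max_validity_interval)
            if parse_xsd_datetime(valid_until) > limit:
                return "refused: validUntil exceeds maxValidityInterval"
    return "accepted"


def sample_metadata(valid_until: Optional[str]) -> str:
    """Constructed aggregate; federation name and entityID are made up."""
    attr = f' validUntil="{valid_until}"' if valid_until else ""
    return (f'<md:EntitiesDescriptor xmlns:md="{MD_NS}" '
            f'Name="example-federation"{attr}>'
            f'<md:EntityDescriptor entityID="https://idp.example.org/idp"/>'
            f'</md:EntitiesDescriptor>')


# Fixed evaluation time so the results are reproducible.
NOW = datetime(2024, 3, 1, 12, 0, tzinfo=timezone.utc)

if __name__ == "__main__":
    cases = [
        ("2024-03-08T12:00:00Z", True, "P14D"),   # 7-day window: accepted
        ("2024-06-01T00:00:00Z", True, "P14D"),   # 3-month window: refused
        (None, True, "P14D"),                      # missing validUntil: refused
        (None, False, None),                       # basic check only: accepted
        ("2024-02-01T00:00:00Z", False, None),    # already expired: refused
    ]
    for valid_until, filter_on, interval in cases:
        verdict = evaluate_metadata(sample_metadata(valid_until), NOW,
                                    filter_on, interval)
        print(valid_until, filter_on, interval, "->", verdict)
```

The fourth case shows why the filter matters: with only the basic check, metadata that carries no validUntil at all is accepted and would never expire. The sixth scenario, covered in the assertions below, is the one the attribute table warns about: with the filter enabled but maxValidityInterval omitted, a validUntil decades in the future passes.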