The example configurations provided here are intended to demonstrate techniques rather than provide real functionality. Most make assumptions about reading and writing from local files under the
Reads an XML file, removes any person or organization contact information, wraps it in an
Reads in the UK federation metadata aggregate, verifies its signature, removes the shibboleth.net entities, removes all roles except
Reads in the US, UK, and local metadata and for each one checks the signature (and fails if the signature is bad), validates the validUtil constraint, disassembles al EntityDescriptors, and validates the schema of each EntityDescriptor. Then all the inputs are merged together and schema invalid items logged and removed. Finally, three output streams are constructed, one that contains all entities, one that contains only IdPs, and one that contains only SP. Each stream is assembled into an EntitiesDescriptor, a validUntil constraints is added, and the entire thing is signed and written out to a file. Also demonstrates various ways to remove some of the verbosity of Spring bean files.
|Sign using PKCS#11||Demonstrates signing metadata documents using PKCS#11 tokens (such as smart cards or Hardware Security Modules).|
|Per-entity Output||Reads a SAML metadata aggregate, decomposes it into individual entities, signs each and writes the signed per-entity metadata into separate files within a specified directory.|