This command line configuration example:
- reads a file `path/to/metadata.xml` containing a SAML metadata aggregate
- decomposes that aggregate into its constituent entity metadata documents
- signs each of those per-entity documents using a private key located in `path/to/private-key.pem`
- writes the results into multiple files in the directory `path/to/output`
  - each file is named as a function of the entity's `entityID` attribute:
    - the string `"_"`, followed by
    - a lower-case, hex-encoded, SHA-1 hash of the `entityID`, followed by
    - the string `".xml"`
You can execute the example as follows:
$ .../mda.sh config.xml main
The example configuration file is as follows; it has been verified with MDA version 0.9.2:
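<?xml version="1.0" encoding="UTF-8"?>
<!--
    MDA pipeline configuration: read one SAML metadata aggregate from disk,
    split it into per-entity documents, sign each document, and write each
    one to its own file in an output directory.

    Every bean below is initialised through default-init-method="initialize";
    the explicit init-method attributes on some beans repeat that default.
-->
<beans default-init-method="initialize"
       xmlns="http://www.springframework.org/schema/beans"
       xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
       xsi:schemaLocation="http://www.springframework.org/schema/beans
                           http://www.springframework.org/schema/beans/spring-beans-3.0.xsd">

    <!-- First, we define the stages for our pipeline -->

    <!--
        Stage 1: parse the aggregate from the local file system.

        Nothing in this pipeline checks the signature or origin of the input
        file. NOTE(review): if path/to/metadata.xml is obtained from another
        party, verify it before this pipeline re-signs its contents (MDA ships
        an XMLSignatureValidationStage for that purpose), because signMetadata
        vouches for every entity it is handed.

        NOTE(review): BasicParserPool is used with its defaults; confirm that
        those defaults refuse DOCTYPE declarations and external entities in
        the version you deploy.
    -->
    <bean id="source" class="net.shibboleth.metadata.dom.DOMFilesystemSourceStage">
        <property name="id" value="source"/>
        <property name="parserPool">
            <bean class="net.shibboleth.utilities.java.support.xml.BasicParserPool"
                  init-method="initialize"/>
        </property>
        <property name="source">
            <bean class="java.io.File">
                <constructor-arg value="path/to/metadata.xml"/>
            </bean>
        </property>
    </bean>

    <!--
        Stage 2: break the aggregate into its constituent entity documents.

        NOTE(review): validity attributes set on the aggregate's root element
        may not carry over to the per-entity documents; confirm that each
        signed document ends up with an expiry, so that an old copy cannot be
        replayed indefinitely.
    -->
    <bean id="disassembleEntitiesDescriptor"
          class="net.shibboleth.metadata.dom.saml.EntitiesDescriptorDisassemblerStage">
        <property name="id" value="disassembleEntitiesDescriptor"/>
    </bean>

    <!--
        Stage 3: presumably records each entity's entityID as the item
        identifier that the output strategy later hashes into a file name.
    -->
    <bean id="populateItemIds"
          class="net.shibboleth.metadata.dom.saml.EntityDescriptorItemIdPopulationStage">
        <property name="id" value="populateItemIds"/>
    </bean>

    <!--
        Stage 4: presumably gives each document element an ID attribute for
        the signature to reference; it runs before signMetadata for that
        reason. Confirm against the GenerateIdStage documentation.
    -->
    <bean id="generateContentReferenceId"
          class="net.shibboleth.metadata.dom.saml.GenerateIdStage">
        <property name="id" value="generateContentReferenceId"/>
    </bean>

    <!--
        Stage 5: sign every per-entity document with the private key.

        The key is read from a PEM file and no password is configured here,
        so the file is presumably unencrypted: make it readable only by the
        account that runs MDA and keep it out of version control and backups
        that others can read.

        Only a private key is configured (no certificate), so relying parties
        presumably need the verification key delivered out of band.

        NOTE(review): digest and signature algorithms are left at the stage
        defaults; confirm they are SHA-256 or stronger in your MDA version.
    -->
    <bean id="signMetadata" class="net.shibboleth.metadata.dom.XMLSignatureSigningStage">
        <property name="id" value="signMetadata"/>
        <property name="privateKey">
            <bean class="net.shibboleth.ext.spring.factory.PrivateKeyFactoryBean">
                <property name="resource">
                    <bean class="org.springframework.core.io.FileSystemResource">
                        <constructor-arg>
                            <bean class="java.io.File">
                                <constructor-arg value="path/to/private-key.pem"/>
                            </bean>
                        </constructor-arg>
                    </bean>
                </property>
            </bean>
        </property>
    </bean>

    <!--
        Stage 6: write one file per entity into path/to/output.

        File name = namePrefix + SHA-1 transform of the item identifier +
        nameSuffix, i.e. "_" + lower-case hex SHA-1 of the entityID + ".xml".
        The hash only builds a predictable file name; integrity comes from
        the XML signature applied in stage 5.

        The stage id is "serialize", matching the bean id as every other
        stage in this file does.

        NOTE(review): restrict write access on the output directory to the
        pipeline account, and check whether files for entities that have left
        the aggregate need to be purged; nothing configured here removes them.
    -->
    <bean id="serialize" class="net.shibboleth.metadata.pipeline.MultiOutputSerializationStage">
        <property name="id" value="serialize"/>
        <property name="serializer">
            <bean id="domSerializer" class="net.shibboleth.metadata.dom.DOMElementSerializer"/>
        </property>
        <property name="outputStrategy">
            <bean class="net.shibboleth.metadata.pipeline.FilesInDirectoryMultiOutputStrategy">
                <property name="nameSuffix" value=".xml"/>
                <property name="namePrefix" value="_"/>
                <property name="directory">
                    <bean class="java.io.File">
                        <constructor-arg value="path/to/output"/>
                    </bean>
                </property>
                <property name="nameTransformer">
                    <bean class="net.shibboleth.metadata.util.SHA1StringTransformer"/>
                </property>
            </bean>
        </property>
    </bean>

    <!--
        Next we define a pipeline with all the stages in it.
        The order of the list is the order of execution: the ID generation
        stage comes before signing, and signing comes before serialisation.
    -->
    <bean id="main" class="net.shibboleth.metadata.pipeline.SimplePipeline"
          init-method="initialize">
        <property name="id" value="main"/>
        <property name="stages">
            <list>
                <ref bean="source"/>
                <ref bean="disassembleEntitiesDescriptor"/>
                <ref bean="populateItemIds"/>
                <ref bean="generateContentReferenceId"/>
                <ref bean="signMetadata"/>
                <ref bean="serialize"/>
            </list>
        </property>
    </bean>

</beans>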