Page tree

Previous Stable Release

Please note that the V3 release branch is now the previous stable release, with the current stable releases from the V4 branch.
Support for V3 will end on Dec 31, 2020.

Skip to end of metadata
Go to start of metadata

You are viewing an old version of this page. View the current version.

Compare with Current View Page History

« Previous Version 10 Next »

This metadata provider was added in v3.3.0.

The LocalDynamicMetadataProvider fetches metadata from a local source dynamically as needed.

The deployer is responsible for populating the local source with data, which may be done while the metadata provider is running.  New metadata will be seen automatically the first time it is requested. 

A common use case will be to use a filesystem directory as the local source.  A convenience attribute sourceDirectory is supplied to facilitate this configuration.  In this case, the deployer adds XML files each containing a single <md:EntityDescriptor> element to the sourceDirectory.  By default, when using the sourceDirectory the file naming convention will be the lower case hex-encoded SHA-1 digest of the entityID, suffixed with ".xml".  For example, the metadata for the entity with entityID "urn:test:foobar" will be resolved from the sourceDirectory with filename "d278c9975472a6b4827b1a8723192b4e99aa969c.xml".

Note that with the default entityID digest mechanism, the digested value should not include any leading or trailing whitespace (in particular, no trailing new line character):

Example generating default source key with OpenSSL
$ echo -n "urn:test:foobar" | openssl sha1

Schema Names and location

The <MetadataProvider> element and the type LocalDynamicMetadataProvider are defined by the urn:mace:shibboleth:2.0:metadata schema, which can be located at


Any of the Common Attributes or the Dynamic Attributes may be configured.

The source directory and the cache directory must be distinct

Note that the reference to persistent caching among the dynamic attributes is distinct from the local store of metadata. While it is possible, though probably unusual, to enable persistent caching of local metadata, do NOT rely on the same directory for both the source and caching, as this would cause the removal of cached metadata to actually remove the underlying metadata from your system.

In addition, the following attributes are available on a LocalDynamicMetadataProvider:


Convenience mechanism for wiring a FilesystemLoadSaveManager, loading from the specified source directory in the local filesystem. This attribute will be ignored if sourceManagerRef is also specified.  Either this attribute or sourceManagerRef is required.

sourceManagerRefBean ID
Identifies the Spring bean for the XMLObjectLoadSaveManager which serves as the local source of metadata.  Either this attribute or sourceDirectory is required.
sourceKeyGeneratorRefBean IDinternal default instanceIdentifies a Spring bean for a Function which generates the string key used with the XMLObjectLoadSaveManager. The internal default implementation produces the lower-case hex-encoded SHA-1 digest of the entityID of the input criterion.  If the manager was effectively specified via sourceDirectory, then the internal default implementation suffixes this source key with ".xml".

Child Elements

Any of the following child elements may be specified (in order).

<MetadataFilter>0 or moreA metadata filter applied to candidate metadata as it flows through the metadata pipeline

The <MetadataFilter> child element is common to all metadata providers. The LocalDynamicMetadataProvider type has no child elements of its own.

  • No labels