author | olavmrk <olavmrk@a716ebb1-153a-0410-b759-cfb97c6a1b53> | 2011-05-18 10:49:25 +0000 |
---|---|---|
committer | olavmrk <olavmrk@a716ebb1-153a-0410-b759-cfb97c6a1b53> | 2011-05-18 10:49:25 +0000 |
commit | 72ae1cf68711a31ec62e27e8854b2100c8931c7e (patch) | |
tree | 638f16a9f6aca137704b51afe90f99e10260bd1a /README | |
parent | b300601da94d8ec029ba7e55491f36dcee95b995 (diff) | |
Add support for loading federation metadata files.
Patch originally created by Emmanuel Dreyfus, some changes by me.
git-svn-id: https://modmellon.googlecode.com/svn/trunk@129 a716ebb1-153a-0410-b759-cfb97c6a1b53
Diffstat (limited to 'README')
-rw-r--r-- | README | 18 |
1 files changed, 17 insertions, 1 deletions
@@ -357,11 +357,20 @@ MellonPostCount 100 # metadata for the IdP you are authenticating against. This # directive is required. Mutliple IdP metadata can be configured # by using multiple MellonIdPMetadataFile directives. + # + # If your lasso library is recent enough (higher than 2.3.5), + # then MellonIdPMetadataFile will accept an XML file containing + # descriptors for multiple IdP. An optional validating chain can + # be supplied as a second argument to MellonIdPMetadataFile. If + # ommitted, no metadata validation will take place. + # # Default: None set. MellonIdPMetadataFile /etc/apache2/mellon/idp-metadata.xml # MellonIdPMetadataGlob is a glob(3) pattern enabled alternative - # to MellonIdPMetadataFile. + # to MellonIdPMetadataFile. Like MellonIdPMetadataFile it will + # accept an optional validating chain if lasso is recent enough. + # # Default: None set. #MellonIdPMetadataGlob /etc/apache2/mellon/*-metadata.xml @@ -378,6 +387,13 @@ MellonPostCount 100 # Default: None set. MellonIdPCAFile /etc/apache2/mellon/ca.pem + # MellonIdPIgnore lists IdP entityId that should not loaded + # from XML federation metadata files. This is usefull if an + # IdP cause bugs. Multiple entityId may be specified through + # single MellonIdPIgnore, and multiple MellonIdPIgnore are allowed. + # Default: None set. + #MellonIdPIgnore "https://bug.example.net/saml/idp" + # MellonDiscoveryURL is the URL for IdP discovery service. # This is used for selecting among multiple configured IdP. # On initiali user authentication, it is redirected to the |
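Review bot: In the first hunk (MellonIdPMetadataFile paragraph), the sentence "If ommitted, no metadata validation will take place" documents a weak default too quietly. A federation metadata file with descriptors for multiple IdPs determines which IdPs and keys the SP trusts, so the README should say that loading it without the second argument is only appropriate when the file comes from a trusted local source. Suggest stating what the "validating chain" argument is (file format, what the metadata is checked against), adding an example line that uses the second argument, and saying what happens when the second argument is supplied but lasso is 2.3.5 or older. The MellonIdPMetadataGlob paragraph mentions the chain with no example either. Spelling: "ommitted" should be "omitted".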
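Review bot: In the second hunk (MellonIdPIgnore paragraph), the text does not say how an entityId is matched or which metadata sources the directive applies to. Since it removes IdPs from the set loaded from federation metadata, please document whether matching is on the exact entityId string and whether it also covers files loaded through MellonIdPMetadataGlob. Wording: "should not loaded" is missing "be", "usefull" should be "useful", "an IdP cause bugs" should be "causes", and the last sentence would read better as "Multiple entityIds may be given in a single MellonIdPIgnore directive, and the directive may be repeated."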