Page History
...
<AttributeExtractor type="XML" validate="true" reloadChanges="false" path="attribute-map.xml"/>
Do we need this?We left this and file(s) it points to unchanged:
<AttributeResolver type="Query" subjectMatch="true"/>
<
...
AttributeFilter type="XML" validate="true" path="attribute-policy.xml"/>
<!-- Simple file-based resolver for using a single keypair. -->We created a key pair:
<CredentialResolver type="File" key="/etc/shibboleth/sp-key.pem" certificate="/etc/shibboleth/sp-cert.pem"/>
</ApplicationDefaults>
<!-- Policies that determine how to process and authenticate runtime messages. -->We left this and file(s) it points to unchanged:
<SecurityPolicyProvider type="XML" validate="true" path="security-policy.xml"/>
<
...
ProtocolProvider type="XML" validate="true" reloadChanges="false" path="protocols.xml"/
...
>
Our Shibboleth configuration has been pared down to the essential ( ? ). If needed, for instance if we want to add functionality to our Shibboleth installation, refer to shibboleth2.xml.dist
...