73 lines
3.1 KiB
XML
73 lines
3.1 KiB
XML
|
<?xml version="1.0" encoding="UTF-8"?>
|
||
|
<beans xmlns="http://www.springframework.org/schema/beans"
|
||
|
xmlns:context="http://www.springframework.org/schema/context"
|
||
|
xmlns:util="http://www.springframework.org/schema/util"
|
||
|
xmlns:p="http://www.springframework.org/schema/p"
|
||
|
xmlns:c="http://www.springframework.org/schema/c"
|
||
|
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
|
||
|
xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans.xsd
|
||
|
http://www.springframework.org/schema/context http://www.springframework.org/schema/context/spring-context.xsd
|
||
|
http://www.springframework.org/schema/util http://www.springframework.org/schema/util/spring-util.xsd"
|
||
|
|
||
|
default-init-method="initialize"
|
||
|
default-destroy-method="destroy">
|
||
|
|
||
|
<!--
|
||
|
Unverified RP configuration, defaults to no support for any profiles. Add <ref> elements to the list
|
||
|
to enable specific default profile settings (as below), or create new beans inline to override defaults.
|
||
|
|
||
|
"Unverified" typically means the IdP has no metadata, or equivalent way of assuring the identity and
|
||
|
legitimacy of a requesting system. To run an "open" IdP, you can enable profiles here.
|
||
|
-->
|
||
|
<bean id="shibboleth.UnverifiedRelyingParty" parent="RelyingParty">
|
||
|
<property name="profileConfigurations">
|
||
|
<list>
|
||
|
<!-- <bean parent="SAML2.SSO" p:encryptAssertions="false" /> -->
|
||
|
</list>
|
||
|
</property>
|
||
|
</bean>
|
||
|
|
||
|
<!-- Default configuration, with default settings applied for all profiles. -->
|
||
|
<bean id="shibboleth.DefaultRelyingParty" parent="RelyingParty">
|
||
|
<property name="profileConfigurations">
|
||
|
<list>
|
||
|
<!-- SAML 1.1 and SAML 2.0 AttributeQuery are disabled by default. -->
|
||
|
<!--
|
||
|
<bean parent="Shibboleth.SSO" />
|
||
|
<ref bean="SAML1.AttributeQuery" />
|
||
|
<ref bean="SAML1.ArtifactResolution" />
|
||
|
-->
|
||
|
<bean parent="SAML2.SSO" />
|
||
|
<ref bean="SAML2.ECP" />
|
||
|
<ref bean="SAML2.Logout" />
|
||
|
<!--
|
||
|
<ref bean="SAML2.AttributeQuery" />
|
||
|
-->
|
||
|
<ref bean="SAML2.ArtifactResolution" />
|
||
|
<ref bean="Liberty.SSOS" />
|
||
|
</list>
|
||
|
</property>
|
||
|
</bean>
|
||
|
|
||
|
<!-- Container for any overrides you want to add. -->
|
||
|
|
||
|
<util:list id="shibboleth.RelyingPartyOverrides">
|
||
|
|
||
|
<!--
|
||
|
Override example that identifies a single RP by name and configures it
|
||
|
for SAML 2 SSO without encryption. This is a common "vendor" scenario.
|
||
|
-->
|
||
|
<!--
|
||
|
<bean id="ExampleSP" parent="RelyingPartyByName" c:relyingPartyIds="https://sp.example.org">
|
||
|
<property name="profileConfigurations">
|
||
|
<list>
|
||
|
<bean parent="SAML2.SSO" p:encryptAssertions="false" />
|
||
|
</list>
|
||
|
</property>
|
||
|
</bean>
|
||
|
-->
|
||
|
|
||
|
</util:list>
|
||
|
|
||
|
</beans>
|