Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revision Previous revision
Next revision		 Previous revision
Last revisionBoth sides next revision
en:metadata_local [2021/03/02 15:23] – [Activation in the Administration Tool] Silke Meyeren:metadata_local [2023/03/02 12:29] – updated text to new MDV Silke Meyer
Line 1: Line 1:
-FIXME **This page is not fully translated, yet. Please help completing the translation.**\\ //(remove this paragraph once the translation is finished)// 
- 
 ====== Local Metadata ====== ====== Local Metadata ======
  
Line 18: Line 16:
  
  
-===== Activation in the Administration Tool =====+===== Local Metadata in the Administration Tool =====
  
-You can activate the generation of local metadata for your institution in the [[https://www.aai.dfn.de/verwaltung/|Metadata administration tool]], in the section "Contracts" (via the tool symbol). You can optionally limit access to the download URL of your metadata file to certain IP address ranges.+We start to generate a local metadata file for your organization when you add your first SP to local metadata. You can find the download URL in the metadata administration tool, in the overview of your organization, in the local metadata section. 
 + 
 +You can optionally limit access to the download URL to certain IP address ranges.
  
 {{:en:metadata_admin_tool:local-metadata_htaccess.png?400|}} {{:en:metadata_admin_tool:local-metadata_htaccess.png?400|}}
  
-After activation you can add your IdP and as many SPs as needed: Just edit each of them and select "local metadata" instead of a big federation at the very bottom of the page.+====== Configuration ====== 
 +===== Shibboleth IdP =====
  
-{{:en:metadata_admin_tool:select-federation.png?400|}}+Add an additional ''<MetadataProvider>'' element to ''./conf/metadata-providers.xml''.
  
-The download URL has the following format ''https://www.aai.dfn.de/fileadmin/metadata/dfn-aai-local-999-metadata.xml'' (where "999" has to be replaced for each institution). +<callout color="#ff9900" title="Replace the institution number!"> 
-Go back to the start page and hover your mouse over the download link to see it. +Please replace the number "999" from this example with your institution number from the link above.
- +
-{{:en:metadata_admin_tool:download-link.png?300|}} +
- +
-====== Konfiguration ====== +
-===== Shibboleth IdP ===== +
-Für die lokalen Metadaten muss in ''./conf/metadata-providers.xml'' ein weiteres ''<MetadataProvider>''-Element hinzugefügt werden.  +
-<callout color="#ff9900" title="Eigene Einrichtungsnummer verwenden!"> +
-Bitte ersetzen Sie die "999" aus dem Beispiel durch Ihr eigene Einrichtungsnummer (s.o.)!+
 </callout> </callout>
  
Line 48: Line 41:
             xsi:type="FileBackedHTTPMetadataProvider"             xsi:type="FileBackedHTTPMetadataProvider"
             backingFile="%{idp.home}/metadata/dfn-aai-sp-metadata.xml"             backingFile="%{idp.home}/metadata/dfn-aai-sp-metadata.xml"
-            metadataURL="http://www.aai.dfn.de/fileadmin/metadata/dfn-aai-sp-metadata.xml"+            metadataURL="http://www.aai.dfn.de/metadata/dfn-aai-sp-metadata.xml"
             maxRefreshDelay="PT2H">             maxRefreshDelay="PT2H">
             <MetadataFilter xsi:type="SignatureValidation" requireSignedRoot="true"             <MetadataFilter xsi:type="SignatureValidation" requireSignedRoot="true"
Line 57: Line 50:
             xsi:type="FileBackedHTTPMetadataProvider"             xsi:type="FileBackedHTTPMetadataProvider"
             backingFile="%{idp.home}/metadata/dfn-aai-local-999-metadata.xml"             backingFile="%{idp.home}/metadata/dfn-aai-local-999-metadata.xml"
-            metadataURL="http://www.aai.dfn.de/fileadmin/metadata/dfn-aai-local-999-metadata.xml"+            metadataURL="http://www.aai.dfn.de/metadata/dfn-aai-local-999-metadata.xml"
             maxRefreshDelay="PT2H">             maxRefreshDelay="PT2H">
             <MetadataFilter xsi:type="SignatureValidation" requireSignedRoot="true"             <MetadataFilter xsi:type="SignatureValidation" requireSignedRoot="true"
Line 71: Line 64:
 ===== Shibboleth SP ===== ===== Shibboleth SP =====
  
-Beim Shibboleth SP fügt man in ''/etc/shibboleth/shibboleth2.xml'' einen zusätzlichen Metadataprovider hinzu:+Add an additional metadata provider in ''/etc/shibboleth/shibboleth2.xml'':
  
 <file xml /etc/shibboleth/shibboleth2.xml> <file xml /etc/shibboleth/shibboleth2.xml>
     ...     ...
-   <MetadataProvider type="XML" url="http://www.aai.dfn.de/fileadmin/metadata/dfn-aai-local-999-metadata.xml"+   <MetadataProvider type="XML" url="http://www.aai.dfn.de/metadata/dfn-aai-local-999-metadata.xml"
          validate="true" backingFilePath="dfn-aai-local-999-metadata.xml" reloadInterval="3600">          validate="true" backingFilePath="dfn-aai-local-999-metadata.xml" reloadInterval="3600">
        <MetadataFilter type="Signature" certificate="/etc/ssl/aai/dfn-aai.pem"/>        <MetadataFilter type="Signature" certificate="/etc/ssl/aai/dfn-aai.pem"/>
Line 81: Line 74:
     ...     ...
 </file> </file>
-{{tag>lokale-metadaten}}+{{tag>local-metadata metadata}}
  • Last modified: 15 months ago