An Overview of the Configuration Files
...
If your application uses an attribute authority (AA) for attribute queries, you should copy the AA metadata to the /WEB-INF/saml2/sp/metadata folder together with the IDP metadata file. The name of each file is insignificant, but should have the suffix .xml.
Key rotation
To use the Key Rotation feature and update IDP/AA metadata automatically, a ".href" file must exist. Do not be misled by the file extension: it is just a normal properties file in "key=value" format.
The file must be located in the same directory as the IDP/AA metadata file: /WEB-INF/saml2/sp/metadata
The following properties are supported in the ".href" file:
Property | Value type | Description |
---|---|---|
entityId | string | An entity identifier. Should be taken from IDP/AA metadata: <md:EntityDescriptor entityId="https://localhost:8443/uas"...> |
type | IDP (Identity Provider) or AA (Attribute Authority) | An entity type. |
url | string | A URL to fetch metadata from. The same URL where SAML 2.0 IDP/AA metadata was fetched initially. See "Get the Metadata of the Identity Provider" step. |
refreshInterval | number | An interval in seconds to fetch the metadata. |
Example:

```
entityId=https://localhost:8443/uas
type=AA
url=https://localhost:8443/uas/saml2/metadata.xml
refreshInterval=20
```
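An added example, not part of the product or the original page: a pre-deployment check in Python that parses a ".href" file and compares it with the metadata file stored beside it. The function names, the https check and the sample data are assumptions made for this illustration.

```python
import xml.etree.ElementTree as ET
from urllib.parse import urlparse

MD_NS = "{urn:oasis:names:tc:SAML:2.0:metadata}"
REQUIRED = ("entityId", "type", "url", "refreshInterval")

def parse_href(text):
    """Parse the key=value lines of a .href file (blank and comment lines skipped)."""
    props = {}
    for line in text.splitlines():
        line = line.strip()
        if line and not line.startswith(("#", "!")) and "=" in line:
            key, value = line.split("=", 1)
            props[key.strip()] = value.strip()
    return props

def metadata_entity_id(xml_text):
    """Return the entity identifier of the first EntityDescriptor, or None."""
    root = ET.fromstring(xml_text)
    node = next(root.iter(MD_NS + "EntityDescriptor"), None)
    if node is None:
        return None
    # SAML 2.0 metadata names the attribute entityID; the page's excerpt spells it entityId.
    return node.get("entityID") or node.get("entityId")

def check_href(href_text, metadata_xml):
    """Return a list of problems; an empty list means the .href file is consistent."""
    props = parse_href(href_text)
    missing = [k for k in REQUIRED if not props.get(k)]
    problems = [f"missing property: {k}" for k in missing]
    if "type" not in missing and props["type"] not in ("IDP", "AA"):
        problems.append("type must be IDP or AA")
    if "entityId" not in missing and props["entityId"] != metadata_entity_id(metadata_xml):
        problems.append("entityId does not match the metadata file")
    # Assumption (added hardening check, not a documented product rule): the
    # refreshed metadata carries signing keys, so it should be fetched over TLS.
    if "url" not in missing and urlparse(props["url"]).scheme != "https":
        problems.append("url is not https")
    interval = props.get("refreshInterval", "")
    if interval and not (interval.isdecimal() and int(interval) > 0):
        problems.append("refreshInterval must be a positive number of seconds")
    return problems

# Constructed sample input, modelled on the example above.
SAMPLE_HREF = ("entityId=https://localhost:8443/uas\ntype=AA\n"
               "url=https://localhost:8443/uas/saml2/metadata.xml\nrefreshInterval=20\n")
SAMPLE_METADATA = ('<md:EntityDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" '
                   'entityID="https://localhost:8443/uas"/>')
if __name__ == "__main__":
    print(check_href(SAMPLE_HREF, SAMPLE_METADATA) or "ok")
```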