
Download

Download saml-md-aggregator-standalone.jar

Create some metadata

Move to a directory containing your metadata, with each EntityDescriptor in a separate file. The names of the files do not matter otherwise, but the filename without its extension (.xml) becomes the "ID" attribute on each EntityDescriptor when it is signed and returned to requestors.

    # cd /path/to/metadata
    # ls
    idp.example.org.xml sp.example.org.xml

Make a keystore (or use an existing one)

Use keytool to generate a keystore with a signing key in it, e.g.

    keytool -genkeypair -alias mdx -keypass secret123 -keystore mdx.jks
    ... answer a bunch of questions ...

Alternatively, you can use an existing keystore. In the example below, change the mdx.signer.alias parameter and add a parameter mdx.signer.keystore pointing to the keystore file.

Run the aggregator

    java -Dmdx.store.url=/path/to/metadata \
         -Dmdx.signer.alias=mdx \
         -Dmdx.signer.pin=secret123 \
         -Dmdx.signer.validity=3600 -jar saml-md-aggregator-standalone.jar &

This will set up an aggregator that signs the metadata it returns for each request with the generated key pair and sets the validUntil attribute on the EntityDescriptor elements to 1 hour from the time of signing. Note that a key password passed on the command line via -Dmdx.signer.pin is visible to other users of the machine in the process list.

Test it all out

Point your browser at http://localhost:8080/md/all and look at your metadata.

Get all of your IdPs as an EntitiesDescriptor document

    # wget -qO- http://localhost:8080/entity/all+idp

Get all of your SPs as an EntitiesDescriptor document

    # wget -qO- http://localhost:8080/entity/all+sp
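A consumer of the aggregated feed should check what the steps above promise before trusting it: that each EntityDescriptor carries the file-name-derived ID, an unexpired validUntil and a signature. The following is an added example (not code from the aggregator project) that performs those checks on a constructed sample document; it assumes the standard SAML metadata and XML-DSig namespaces and does not verify the signature cryptographically.

```python
# Added example, not the aggregator's own code: sanity-check an EntitiesDescriptor
# returned by the aggregator before a consumer trusts it. It checks the ID attribute,
# the validUntil window and the presence of a Signature element; it does NOT verify
# the signature cryptographically (use xmlsec or your SAML library for that).
from datetime import datetime, timezone
import xml.etree.ElementTree as ET

MD_NS = "urn:oasis:names:tc:SAML:2.0:metadata"
DS_NS = "http://www.w3.org/2000/09/xmldsig#"

# Constructed sample resembling an "all+idp" response built from the files
# idp.example.org.xml and idp2.example.org.xml; the empty ds:Signature elements
# are placeholders, not real signatures.
SAMPLE = f"""<EntitiesDescriptor xmlns="{MD_NS}" xmlns:ds="{DS_NS}">
  <EntityDescriptor ID="idp.example.org" entityID="https://idp.example.org/idp"
                    validUntil="2030-01-01T12:00:00Z">
    <ds:Signature/>
  </EntityDescriptor>
  <EntityDescriptor ID="idp2.example.org" entityID="https://idp2.example.org/idp"
                    validUntil="2020-01-01T12:00:00Z">
    <ds:Signature/>
  </EntityDescriptor>
</EntitiesDescriptor>"""

def parse_valid_until(value):
    # validUntil is UTC ("...Z"); fromisoformat before Python 3.11 rejects the
    # trailing Z, so rewrite it as an explicit offset.
    return datetime.fromisoformat(value.replace("Z", "+00:00")).astimezone(timezone.utc)

def check_entities(xml_text, now=None):
    """Return (accepted entityIDs, problems) for an EntitiesDescriptor document."""
    now = now or datetime.now(timezone.utc)
    accepted, problems = [], []
    for ed in ET.fromstring(xml_text).findall(f"{{{MD_NS}}}EntityDescriptor"):
        eid = ed.get("entityID", "<missing entityID>")
        errs = []
        if not ed.get("ID"):
            errs.append("no ID attribute")
        if ed.find(f"{{{DS_NS}}}Signature") is None:
            errs.append("unsigned")
        vu = ed.get("validUntil")
        if vu is None:
            errs.append("no validUntil")
        elif parse_valid_until(vu) <= now:
            errs.append(f"expired at {vu}")
        if errs:
            problems.append(f"{eid}: {', '.join(errs)}")
        else:
            accepted.append(eid)
    return accepted, problems
```

Calling check_entities(SAMPLE) accepts the first entity and rejects the second as expired; feed it the output of the wget commands above to check a live aggregator.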