Permalink
Name already in use
A tag already exists with the provided branch name. Many Git commands accept both tag and branch names, so creating this branch may cause unexpected behavior. Are you sure you want to create this branch?
inc-meta/mdx/uk/collect.xml
Go to fileThis commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Duplicate check_ukreg as check_ukreg_mda, a version which requires a members bean to be provided as a parameter, for use within the aggregator.
134 lines (113 sloc)
5.1 KB
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <?xml version="1.0" encoding="UTF-8"?> | |
| <!-- | |
| Pipeline to collect UK-registered entities. | |
| --> | |
| <beans xmlns="http://www.springframework.org/schema/beans" | |
| xmlns:util="http://www.springframework.org/schema/util" | |
| xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" | |
| xsi:schemaLocation=" | |
| http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-3.0.xsd | |
| http://www.springframework.org/schema/util http://www.springframework.org/schema/util/spring-util-3.0.xsd"> | |
| <!-- | |
| Import commonly used beans. | |
| --> | |
| <import resource="../common-beans.xml"/> | |
| <!-- | |
| Import UK-specific beans. | |
| --> | |
| <import resource="beans.xml"/> | |
| <!-- | |
| fetchUkFragmentFiles | |
| Collects all the UK metadata "fragment files" from the /entities directory. | |
| Each fragment file contains a single EntityDescriptor. The name of each | |
| eligible file matches a particular regular expression. | |
| --> | |
| <bean id="fetchUkFragmentFiles" class="net.shibboleth.metadata.dom.DomFilesystemSourceStage" | |
| init-method="initialize"> | |
| <property name="id" value="fetchUkFragmentFiles"/> | |
| <property name="parserPool" ref="parserPool"/> | |
| <property name="source"> | |
| <bean class="java.io.File"> | |
| <constructor-arg value="#{ systemProperties['basedir'] }/entities"/> | |
| </bean> | |
| </property> | |
| <property name="sourceFileFilter"> | |
| <bean class="uk.org.ukfederation.mda.RegexFileFilter"> | |
| <constructor-arg value="uk\d{6}.xml"/> | |
| </bean> | |
| </property> | |
| </bean> | |
| <!-- | |
| filterDeletedEntities | |
| Remove entity items which have the ukfedlabel:DeletedEntity label on them. | |
| This convention will be replaced at some point by the files not being available | |
| for collection in the first place. | |
| --> | |
| <bean id="filterDeletedEntities" class="net.shibboleth.metadata.dom.XPathFilteringStage" | |
| init-method="initialize"> | |
| <property name="id" value="filterDeletedEntities"/> | |
| <constructor-arg name="expression" value="//ukfedlabel:DeletedEntity"/> | |
| <constructor-arg name="prefixMappings" ref="commonNamespaces"/> | |
| </bean> | |
| <!-- | |
| processScopes | |
| This stage normalises scope handling in two ways particular to the UK | |
| federation: | |
| * we make all three potential scope lists equivalent (on the entity, on | |
| the IDPSSODescriptor and on the AttributeAuthority) | |
| * we inject scopes "pushed" to entities from the members.xml file | |
| This transform can be run on individual EntityDescriptors or on an | |
| aggregate EntitiesDescriptor. | |
| --> | |
| <bean id="processScopes" class="net.shibboleth.metadata.dom.XSLTransformationStage" | |
| init-method="initialize"> | |
| <property name="id" value="processScopes"/> | |
| <property name="xslResource"> | |
| <bean class="org.opensaml.util.resource.FilesystemResource"> | |
| <constructor-arg value="#{ systemProperties['basedir'] }/mdx/uk/scopes.xsl"/> | |
| </bean> | |
| </property> | |
| <property name="transformParameters"> | |
| <map> | |
| <entry key="membersDocument" value-ref="membersDocument"/> | |
| </map> | |
| </property> | |
| </bean> | |
| <!-- | |
| pipeline | |
| --> | |
| <bean id="pipeline" class="net.shibboleth.metadata.pipeline.SimplePipeline"> | |
| <property name="id" value="pipeline"/> | |
| <property name="stages"> | |
| <list> | |
| <ref bean="fetchUkFragmentFiles"/> | |
| <ref bean="filterDeletedEntities"/> | |
| <ref bean="processFragment"/> | |
| <ref bean="populateItemIds"/> | |
| <ref bean="populateUKIds"/> | |
| <ref bean="checkSchemas"/> | |
| <ref bean="CHECK.std"/> | |
| <ref bean="check_ukreg"/> | |
| <!-- failure of any check on registered metadata is fatal --> | |
| <ref bean="errorTerminatingFilter"/> | |
| <ref bean="assemble.uk"/> | |
| <!-- | |
| Process scopes on the entities. Because the transform performs | |
| a fairly heavyweight extraction operation on the members document | |
| before applying the results, this is best done on the resulting | |
| aggregate so that the extraction happens only once. | |
| A better long-term alternative would be to build support for | |
| this on a per-entity or per-owner basis into the Members bean. | |
| --> | |
| <ref bean="processScopes"/> | |
| <!-- | |
| Add the federation trust roots. | |
| --> | |
| <ref bean="addUKTrustRoots"/> | |
| <!-- failure of any check on registered metadata is fatal --> | |
| <ref bean="errorTerminatingFilter"/> | |
| <ref bean="normaliseNamespaces"/> | |
| </list> | |
| </property> | |
| </bean> | |
| </beans> |