Skip to content

Commit

Permalink
Incorporate eduGAIN import channel. Also implement an imported entity…
Browse files Browse the repository at this point in the history 
… blacklist facility that we can use to make signings less noisy by removing known-bad entities prior to checking.
  • Loading branch information
@iay
iay committed Sep 2, 2013
1 parent abfa172 commit de9bfbe
Show file tree
Hide file tree
Showing 2 changed files with 53 additions and 0 deletions.
28 changes: 28 additions & 0 deletions mdx/uk/blacklist.xml
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,28 @@
<?xml version="1.0" encoding="UTF-8"?>
<beans xmlns="http://www.springframework.org/schema/beans"
default-lazy-init="true"
xmlns:c="http://www.springframework.org/schema/c"
xmlns:p="http://www.springframework.org/schema/p"
xmlns:util="http://www.springframework.org/schema/util"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="
http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-3.0.xsd
http://www.springframework.org/schema/util http://www.springframework.org/schema/util/spring-util-3.0.xsd">

<!--
*********************************************************
*** ***
*** I M P O R T E N T I T Y B L A C K L I S T ***
*** ***
*********************************************************
-->

<!--
Any entity listed in the set below will be discarded from all import channels
without being processed. This will mean that no errors will be observed for it,
reducing the noise involved in a signing run.
-->
<util:set id="importEntityBlacklist">
</util:set>

</beans>
25 changes: 25 additions & 0 deletions mdx/uk/generate.xml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -21,13 +21,15 @@
Import channel-specific beans.
-->
<import resource="classpath:uk/beans.xml"/>
<import resource="classpath:uk/blacklist.xml"/>

<!--
Import beans from other channels.
-->
<import resource="classpath:ie_edugate/beans.xml"/>
<import resource="classpath:se_swamid/beans.xml"/>
<import resource="classpath:us_incommon/beans.xml"/>
<import resource="classpath:int_edugain/beans.xml"/>


<!--
Expand Down Expand Up @@ -215,6 +217,17 @@
<property name="whitelistingRegistrationAuthorities" value="false"/>
</bean>

<!--
removeBlacklistedEntities
Filter out entities which are included in our global import blacklist.
-->
<bean id="removeBlacklistedEntities" parent="stage_parent"
class="net.shibboleth.metadata.dom.saml.EntityFilterStage"
p:id="us_incommon_pilot_filterEntities"
p:whitelistingEntities="false"
p:designatedEntities-ref="importEntityBlacklist"/>

<!--
importCommonTail
Expand All @@ -225,13 +238,24 @@
<property name="composedStages">
<list>
<ref bean="removeUKEntities"/>
<ref bean="removeBlacklistedEntities"/>
<ref bean="standardImportActions"/>
<ref bean="uk_fix_mailto"/>
<ref bean="uk_hide_idps"/>
</list>
</property>
</bean>

<bean id="uk_int_edugain_importPipeline" parent="SimplePipeline"
p:id="uk_int_edugain_importPipeline">
<property name="stages">
<list>
<ref bean="int_edugain_productionEntities"/>
<ref bean="importCommonTail"/>
</list>
</property>
</bean>

<bean id="uk_ie_edugate_importPipeline" parent="SimplePipeline"
p:id="uk_ie_edugate_importPipeline">
<property name="stages">
Expand Down Expand Up @@ -957,6 +981,7 @@
<ref bean="uk_ie_edugate_importPipeline"/>
<ref bean="uk_us_incommon_importPipeline"/>
<ref bean="uk_se_swamid_importPipeline"/>
<ref bean="uk_int_edugain_importPipeline"/>
</list>
</property>
</bean>
Expand Down

0 comments on commit de9bfbe

Please sign in to comment.