From 449e58c376186ed1ac53cdb8900c4bf57b7433bf Mon Sep 17 00:00:00 2001 From: Paul Caskey Date: Thu, 19 Jan 2017 17:13:19 -0600 Subject: [PATCH] remove doc and dist folders --- dist/conf/access-control.xml.dist | 32 -- dist/conf/attribute-filter.xml.dist | 45 --- dist/conf/attribute-resolver-full.xml.dist | 295 ------------------ dist/conf/attribute-resolver-ldap.xml.dist | 97 ------ dist/conf/attribute-resolver.xml.dist | 95 ------ dist/conf/audit.xml.dist | 103 ------ dist/conf/authn/authn-comparison.xml.dist | 77 ----- dist/conf/authn/authn-events-flow.xml.dist | 18 -- .../conf/authn/external-authn-config.xml.dist | 62 ---- dist/conf/authn/general-authn.xml.dist | 114 ------- .../authn/ipaddress-authn-config.xml.dist | 37 --- dist/conf/authn/jaas-authn-config.xml.dist | 27 -- dist/conf/authn/jaas.config.dist | 11 - dist/conf/authn/krb5-authn-config.xml.dist | 31 -- dist/conf/authn/ldap-authn-config.xml.dist | 130 -------- .../conf/authn/password-authn-config.xml.dist | 109 ------- .../authn/remoteuser-authn-config.xml.dist | 67 ---- .../remoteuser-internal-authn-config.xml.dist | 63 ---- dist/conf/authn/spnego-authn-config.xml.dist | 69 ---- dist/conf/authn/x509-authn-config.xml.dist | 41 --- .../authn/x509-internal-authn-config.xml.dist | 21 -- ...ibute-sourced-subject-c14n-config.xml.dist | 44 --- .../c14n/simple-subject-c14n-config.xml.dist | 27 -- .../c14n/subject-c14n-events-flow.xml.dist | 18 -- dist/conf/c14n/subject-c14n.xml.dist | 109 ------- .../c14n/x500-subject-c14n-config.xml.dist | 37 --- dist/conf/cas-protocol.xml.dist | 53 ---- dist/conf/credentials.xml.dist | 65 ---- dist/conf/errors.xml.dist | 120 ------- dist/conf/global.xml.dist | 53 ---- dist/conf/idp.properties.dist | 194 ------------ .../consent-intercept-config.xml.dist | 136 -------- .../context-check-intercept-config.xml.dist | 42 --- .../intercept/intercept-events-flow.xml.dist | 18 -- .../conf/intercept/profile-intercept.xml.dist | 36 --- dist/conf/ldap.properties.dist | 60 ---- dist/conf/logback.xml.dist | 166 ---------- dist/conf/metadata-providers.xml.dist | 72 ----- dist/conf/mvc-beans.xml.dist | 23 -- dist/conf/relying-party.xml.dist | 70 ----- dist/conf/saml-nameid.properties.dist | 35 --- dist/conf/saml-nameid.xml.dist | 62 ---- dist/conf/services.properties.dist | 61 ---- dist/conf/services.xml.dist | 145 --------- dist/conf/session-manager.xml.dist | 45 --- .../account-locked-flow.xml.dist | 16 - .../authn/conditions/conditions-flow.xml.dist | 35 --- .../expired-password-flow.xml.dist | 16 - .../expiring-password-flow.xml.dist | 32 -- dist/flows/user/prefs/prefs-flow.xml.dist | 25 -- dist/messages/authn-messages.properties.dist | 73 ----- .../messages/consent-messages.properties.dist | 77 ----- dist/messages/error-messages.properties.dist | 119 ------- dist/views/error.vm.dist | 71 ----- dist/views/expiring-password.vm.dist | 53 ---- .../views/intercept/attribute-release.vm.dist | 148 --------- dist/views/intercept/terms-of-use.vm.dist | 67 ---- dist/views/login-error.vm.dist | 24 -- dist/views/login.vm.dist | 138 -------- dist/views/logout-complete.vm.dist | 58 ---- dist/views/logout-propagate.vm.dist | 57 ---- dist/views/logout.vm.dist | 92 ------ dist/views/resolvertest.vm.dist | 47 --- dist/views/spnego-unavailable.vm.dist | 48 --- dist/views/user-prefs.js.dist | 45 --- dist/views/user-prefs.vm.dist | 59 ---- doc/BC-LICENSE.txt | 17 - doc/CREDITS.txt | 94 ------ doc/JQUERY-LICENSE.txt | 20 -- doc/README.txt | 22 -- doc/RELEASE-NOTES.txt | 6 - doc/SPYMEMCACHED-LICENSE.txt | 20 -- 72 files changed, 4714 deletions(-) delete mode 100644 dist/conf/access-control.xml.dist delete mode 100644 dist/conf/attribute-filter.xml.dist delete mode 100644 dist/conf/attribute-resolver-full.xml.dist delete mode 100644 dist/conf/attribute-resolver-ldap.xml.dist delete mode 100644 dist/conf/attribute-resolver.xml.dist delete mode 100644 dist/conf/audit.xml.dist delete mode 100644 dist/conf/authn/authn-comparison.xml.dist delete mode 100644 dist/conf/authn/authn-events-flow.xml.dist delete mode 100644 dist/conf/authn/external-authn-config.xml.dist delete mode 100644 dist/conf/authn/general-authn.xml.dist delete mode 100644 dist/conf/authn/ipaddress-authn-config.xml.dist delete mode 100644 dist/conf/authn/jaas-authn-config.xml.dist delete mode 100644 dist/conf/authn/jaas.config.dist delete mode 100644 dist/conf/authn/krb5-authn-config.xml.dist delete mode 100644 dist/conf/authn/ldap-authn-config.xml.dist delete mode 100644 dist/conf/authn/password-authn-config.xml.dist delete mode 100644 dist/conf/authn/remoteuser-authn-config.xml.dist delete mode 100644 dist/conf/authn/remoteuser-internal-authn-config.xml.dist delete mode 100644 dist/conf/authn/spnego-authn-config.xml.dist delete mode 100644 dist/conf/authn/x509-authn-config.xml.dist delete mode 100644 dist/conf/authn/x509-internal-authn-config.xml.dist delete mode 100644 dist/conf/c14n/attribute-sourced-subject-c14n-config.xml.dist delete mode 100644 dist/conf/c14n/simple-subject-c14n-config.xml.dist delete mode 100644 dist/conf/c14n/subject-c14n-events-flow.xml.dist delete mode 100644 dist/conf/c14n/subject-c14n.xml.dist delete mode 100644 dist/conf/c14n/x500-subject-c14n-config.xml.dist delete mode 100644 dist/conf/cas-protocol.xml.dist delete mode 100644 dist/conf/credentials.xml.dist delete mode 100644 dist/conf/errors.xml.dist delete mode 100644 dist/conf/global.xml.dist delete mode 100644 dist/conf/idp.properties.dist delete mode 100644 dist/conf/intercept/consent-intercept-config.xml.dist delete mode 100644 dist/conf/intercept/context-check-intercept-config.xml.dist delete mode 100644 dist/conf/intercept/intercept-events-flow.xml.dist delete mode 100644 dist/conf/intercept/profile-intercept.xml.dist delete mode 100644 dist/conf/ldap.properties.dist delete mode 100644 dist/conf/logback.xml.dist delete mode 100644 dist/conf/metadata-providers.xml.dist delete mode 100644 dist/conf/mvc-beans.xml.dist delete mode 100644 dist/conf/relying-party.xml.dist delete mode 100644 dist/conf/saml-nameid.properties.dist delete mode 100644 dist/conf/saml-nameid.xml.dist delete mode 100644 dist/conf/services.properties.dist delete mode 100644 dist/conf/services.xml.dist delete mode 100644 dist/conf/session-manager.xml.dist delete mode 100644 dist/flows/authn/conditions/account-locked/account-locked-flow.xml.dist delete mode 100644 dist/flows/authn/conditions/conditions-flow.xml.dist delete mode 100644 dist/flows/authn/conditions/expired-password/expired-password-flow.xml.dist delete mode 100644 dist/flows/authn/conditions/expiring-password/expiring-password-flow.xml.dist delete mode 100644 dist/flows/user/prefs/prefs-flow.xml.dist delete mode 100644 dist/messages/authn-messages.properties.dist delete mode 100644 dist/messages/consent-messages.properties.dist delete mode 100644 dist/messages/error-messages.properties.dist delete mode 100644 dist/views/error.vm.dist delete mode 100644 dist/views/expiring-password.vm.dist delete mode 100644 dist/views/intercept/attribute-release.vm.dist delete mode 100644 dist/views/intercept/terms-of-use.vm.dist delete mode 100644 dist/views/login-error.vm.dist delete mode 100644 dist/views/login.vm.dist delete mode 100644 dist/views/logout-complete.vm.dist delete mode 100644 dist/views/logout-propagate.vm.dist delete mode 100644 dist/views/logout.vm.dist delete mode 100644 dist/views/resolvertest.vm.dist delete mode 100644 dist/views/spnego-unavailable.vm.dist delete mode 100644 dist/views/user-prefs.js.dist delete mode 100644 dist/views/user-prefs.vm.dist delete mode 100644 doc/BC-LICENSE.txt delete mode 100644 doc/CREDITS.txt delete mode 100644 doc/JQUERY-LICENSE.txt delete mode 100644 doc/README.txt delete mode 100644 doc/RELEASE-NOTES.txt delete mode 100644 doc/SPYMEMCACHED-LICENSE.txt diff --git a/dist/conf/access-control.xml.dist b/dist/conf/access-control.xml.dist deleted file mode 100644 index 9b23ad7..0000000 --- a/dist/conf/access-control.xml.dist +++ /dev/null @@ -1,32 +0,0 @@ - - - - - - - - - - - - - - - - diff --git a/dist/conf/attribute-filter.xml.dist b/dist/conf/attribute-filter.xml.dist deleted file mode 100644 index f8c41ba..0000000 --- a/dist/conf/attribute-filter.xml.dist +++ /dev/null @@ -1,45 +0,0 @@ - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - diff --git a/dist/conf/attribute-resolver-full.xml.dist b/dist/conf/attribute-resolver-full.xml.dist deleted file mode 100644 index d09a1ea..0000000 --- a/dist/conf/attribute-resolver-full.xml.dist +++ /dev/null @@ -1,295 +0,0 @@ - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - diff --git a/dist/conf/attribute-resolver-ldap.xml.dist b/dist/conf/attribute-resolver-ldap.xml.dist deleted file mode 100644 index 9ac44d3..0000000 --- a/dist/conf/attribute-resolver-ldap.xml.dist +++ /dev/null @@ -1,97 +0,0 @@ - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - %{idp.attribute.resolver.LDAP.returnAttributes} - - %{idp.attribute.resolver.LDAP.trustCertificates} - - - - diff --git a/dist/conf/attribute-resolver.xml.dist b/dist/conf/attribute-resolver.xml.dist deleted file mode 100644 index 52b475a..0000000 --- a/dist/conf/attribute-resolver.xml.dist +++ /dev/null @@ -1,95 +0,0 @@ - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - uid - - - - - - - - - - - - - - - - - member - - - - diff --git a/dist/conf/audit.xml.dist b/dist/conf/audit.xml.dist deleted file mode 100644 index 9940cec..0000000 --- a/dist/conf/audit.xml.dist +++ /dev/null @@ -1,103 +0,0 @@ - - - - - - - - - - - http://shibboleth.net/ns/profiles/status - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - diff --git a/dist/conf/authn/authn-comparison.xml.dist b/dist/conf/authn/authn-comparison.xml.dist deleted file mode 100644 index f167b7a..0000000 --- a/dist/conf/authn/authn-comparison.xml.dist +++ /dev/null @@ -1,77 +0,0 @@ - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - urn:oasis:names:tc:SAML:2.0:ac:classes:unspecified - - - diff --git a/dist/conf/authn/authn-events-flow.xml.dist b/dist/conf/authn/authn-events-flow.xml.dist deleted file mode 100644 index 244e1db..0000000 --- a/dist/conf/authn/authn-events-flow.xml.dist +++ /dev/null @@ -1,18 +0,0 @@ - - - - - - - - - - diff --git a/dist/conf/authn/external-authn-config.xml.dist b/dist/conf/authn/external-authn-config.xml.dist deleted file mode 100644 index 4ce8f26..0000000 --- a/dist/conf/authn/external-authn-config.xml.dist +++ /dev/null @@ -1,62 +0,0 @@ - - - - - - - - - - - - - - - - - UnknownUsername - - - - - InvalidPassword - - - - - ExpiredPassword - - - - - ExpiringPassword - - - - - diff --git a/dist/conf/authn/general-authn.xml.dist b/dist/conf/authn/general-authn.xml.dist deleted file mode 100644 index f127a13..0000000 --- a/dist/conf/authn/general-authn.xml.dist +++ /dev/null @@ -1,114 +0,0 @@ - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - 1 - - - - diff --git a/dist/conf/authn/ipaddress-authn-config.xml.dist b/dist/conf/authn/ipaddress-authn-config.xml.dist deleted file mode 100644 index a3ee096..0000000 --- a/dist/conf/authn/ipaddress-authn-config.xml.dist +++ /dev/null @@ -1,37 +0,0 @@ - - - - - - - - - - - - - - - diff --git a/dist/conf/authn/jaas-authn-config.xml.dist b/dist/conf/authn/jaas-authn-config.xml.dist deleted file mode 100644 index daef4d2..0000000 --- a/dist/conf/authn/jaas-authn-config.xml.dist +++ /dev/null @@ -1,27 +0,0 @@ - - - - - - - - - - - ShibUserPassAuth - - - - - diff --git a/dist/conf/authn/jaas.config.dist b/dist/conf/authn/jaas.config.dist deleted file mode 100644 index 232e93d..0000000 --- a/dist/conf/authn/jaas.config.dist +++ /dev/null @@ -1,11 +0,0 @@ -ShibUserPassAuth { - /* - com.sun.security.auth.module.Krb5LoginModule required; - */ - - org.ldaptive.jaas.LdapLoginModule required - ldapUrl="ldap://localhost:10389" - baseDn="ou=people,dc=example,dc=org" - userFilter="uid={user}"; - -}; \ No newline at end of file diff --git a/dist/conf/authn/krb5-authn-config.xml.dist b/dist/conf/authn/krb5-authn-config.xml.dist deleted file mode 100644 index d3590a2..0000000 --- a/dist/conf/authn/krb5-authn-config.xml.dist +++ /dev/null @@ -1,31 +0,0 @@ - - - - - - - - - - - - - diff --git a/dist/conf/authn/ldap-authn-config.xml.dist b/dist/conf/authn/ldap-authn-config.xml.dist deleted file mode 100644 index 5626629..0000000 --- a/dist/conf/authn/ldap-authn-config.xml.dist +++ /dev/null @@ -1,130 +0,0 @@ - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - diff --git a/dist/conf/authn/password-authn-config.xml.dist b/dist/conf/authn/password-authn-config.xml.dist deleted file mode 100644 index be8b06f..0000000 --- a/dist/conf/authn/password-authn-config.xml.dist +++ /dev/null @@ -1,109 +0,0 @@ - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - NoCredentials - CLIENT_NOT_FOUND - Client not found - DN_RESOLUTION_FAILURE - - - - - InvalidCredentials - PREAUTH_FAILED - INVALID_CREDENTIALS - - - - - Clients credentials have been revoked - - - - - PASSWORD_EXPIRED - - - - - ACCOUNT_WARNING - - - - - - - - diff --git a/dist/conf/authn/remoteuser-authn-config.xml.dist b/dist/conf/authn/remoteuser-authn-config.xml.dist deleted file mode 100644 index b5a923f..0000000 --- a/dist/conf/authn/remoteuser-authn-config.xml.dist +++ /dev/null @@ -1,67 +0,0 @@ - - - - - - - - - - - - - - - - - NoCredentials - - - - - UnknownUsername - - - - - InvalidPassword - - - - - ExpiredPassword - - - - - ExpiringPassword - - - - - diff --git a/dist/conf/authn/remoteuser-internal-authn-config.xml.dist b/dist/conf/authn/remoteuser-internal-authn-config.xml.dist deleted file mode 100644 index 9e68c85..0000000 --- a/dist/conf/authn/remoteuser-internal-authn-config.xml.dist +++ /dev/null @@ -1,63 +0,0 @@ - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - diff --git a/dist/conf/authn/spnego-authn-config.xml.dist b/dist/conf/authn/spnego-authn-config.xml.dist deleted file mode 100644 index 404d7e9..0000000 --- a/dist/conf/authn/spnego-authn-config.xml.dist +++ /dev/null @@ -1,69 +0,0 @@ - - - - - - - - - - - - - - - - - - - - - - - - - - - - SPNEGONotAvailable - - - - - NTLMUnsupported - - - - - diff --git a/dist/conf/authn/x509-authn-config.xml.dist b/dist/conf/authn/x509-authn-config.xml.dist deleted file mode 100644 index 0e54f45..0000000 --- a/dist/conf/authn/x509-authn-config.xml.dist +++ /dev/null @@ -1,41 +0,0 @@ - - - - - - - - - - - - - - NoCredentials - InvalidCredentials - - - - - diff --git a/dist/conf/authn/x509-internal-authn-config.xml.dist b/dist/conf/authn/x509-internal-authn-config.xml.dist deleted file mode 100644 index bad3029..0000000 --- a/dist/conf/authn/x509-internal-authn-config.xml.dist +++ /dev/null @@ -1,21 +0,0 @@ - - - - - - diff --git a/dist/conf/c14n/attribute-sourced-subject-c14n-config.xml.dist b/dist/conf/c14n/attribute-sourced-subject-c14n-config.xml.dist deleted file mode 100644 index 938b30f..0000000 --- a/dist/conf/c14n/attribute-sourced-subject-c14n-config.xml.dist +++ /dev/null @@ -1,44 +0,0 @@ - - - - - - altuid - - - - - altuid - - - - - - - - - - - - - diff --git a/dist/conf/c14n/simple-subject-c14n-config.xml.dist b/dist/conf/c14n/simple-subject-c14n-config.xml.dist deleted file mode 100644 index 3cddfa6..0000000 --- a/dist/conf/c14n/simple-subject-c14n-config.xml.dist +++ /dev/null @@ -1,27 +0,0 @@ - - - - - - - - - - - - - - diff --git a/dist/conf/c14n/subject-c14n-events-flow.xml.dist b/dist/conf/c14n/subject-c14n-events-flow.xml.dist deleted file mode 100644 index d7458cd..0000000 --- a/dist/conf/c14n/subject-c14n-events-flow.xml.dist +++ /dev/null @@ -1,18 +0,0 @@ - - - - - - - - - - diff --git a/dist/conf/c14n/subject-c14n.xml.dist b/dist/conf/c14n/subject-c14n.xml.dist deleted file mode 100644 index 16fc6f1..0000000 --- a/dist/conf/c14n/subject-c14n.xml.dist +++ /dev/null @@ -1,109 +0,0 @@ - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified - urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress - urn:oasis:names:tc:SAML:1.1:nameid-format:X509SubjectName - urn:oasis:names:tc:SAML:1.1:nameid-format:WindowsDomainQualifiedName - urn:oasis:names:tc:SAML:2.0:nameid-format:kerberos - - - - - - - - - - - - - - - - - diff --git a/dist/conf/c14n/x500-subject-c14n-config.xml.dist b/dist/conf/c14n/x500-subject-c14n-config.xml.dist deleted file mode 100644 index 1ae25e4..0000000 --- a/dist/conf/c14n/x500-subject-c14n-config.xml.dist +++ /dev/null @@ -1,37 +0,0 @@ - - - - - - - - - - - 2.5.4.3 - - - - - - - - - - - - - diff --git a/dist/conf/cas-protocol.xml.dist b/dist/conf/cas-protocol.xml.dist deleted file mode 100644 index 09a05ef..0000000 --- a/dist/conf/cas-protocol.xml.dist +++ /dev/null @@ -1,53 +0,0 @@ - - - - - - - - - - - - - - - \ No newline at end of file diff --git a/dist/conf/credentials.xml.dist b/dist/conf/credentials.xml.dist deleted file mode 100644 index 7462879..0000000 --- a/dist/conf/credentials.xml.dist +++ /dev/null @@ -1,65 +0,0 @@ - - - - - - - - - - - - - - - - - - - - - - - - - diff --git a/dist/conf/errors.xml.dist b/dist/conf/errors.xml.dist deleted file mode 100644 index 5de522f..0000000 --- a/dist/conf/errors.xml.dist +++ /dev/null @@ -1,120 +0,0 @@ - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - diff --git a/dist/conf/global.xml.dist b/dist/conf/global.xml.dist deleted file mode 100644 index 60562e3..0000000 --- a/dist/conf/global.xml.dist +++ /dev/null @@ -1,53 +0,0 @@ - - - - - - - - - - - - - - - diff --git a/dist/conf/idp.properties.dist b/dist/conf/idp.properties.dist deleted file mode 100644 index a31bd7e..0000000 --- a/dist/conf/idp.properties.dist +++ /dev/null @@ -1,194 +0,0 @@ -# Load any additional property resources from a comma-delimited list -idp.additionalProperties = /conf/ldap.properties, /conf/saml-nameid.properties, /conf/services.properties - -# Set the entityID of the IdP -idp.entityID = https://idp.example.org - -# Set the scope used in the attribute resolver for scoped attributes -idp.scope = example.org - -# General cookie properties (maxAge only applies to persistent cookies) -#idp.cookie.secure = false -#idp.cookie.httpOnly = true -#idp.cookie.domain = -#idp.cookie.path = -#idp.cookie.maxAge = 31536000 - -# Set the location of user-supplied web flow definitions -#idp.webflows = %{idp.home}/flows - -# Set the location of Velocity view templates -#idp.views = %{idp.home}/views - -# Settings for internal AES encryption key -#idp.sealer.storeType = JCEKS -#idp.sealer.updateInterval = PT15M -#idp.sealer.aliasBase = secret -idp.sealer.storeResource = %{idp.home}/credentials/sealer.jks -idp.sealer.versionResource = %{idp.home}/credentials/sealer.kver -idp.sealer.storePassword = password -idp.sealer.keyPassword = password - -# Settings for public/private signing and encryption key(s) -# During decryption key rollover, point the ".2" properties at a second -# keypair, uncomment in credentials.xml, then publish it in your metadata. -idp.signing.key = %{idp.home}/credentials/idp-signing.key -idp.signing.cert = %{idp.home}/credentials/idp-signing.crt -idp.encryption.key = %{idp.home}/credentials/idp-encryption.key -idp.encryption.cert = %{idp.home}/credentials/idp-encryption.crt -#idp.encryption.key.2 = %{idp.home}/credentials/idp-encryption-old.key -#idp.encryption.cert.2 = %{idp.home}/credentials/idp-encryption-old.crt - -# Sets the bean ID to use as a default security configuration set -#idp.security.config = shibboleth.DefaultSecurityConfiguration - -# To default to SHA-1, set to shibboleth.SigningConfiguration.SHA1 -#idp.signing.config = shibboleth.SigningConfiguration.SHA256 - -# Configures trust evaluation of keys used by services at runtime -# Defaults to supporting both explicit key and PKIX using SAML metadata. -#idp.trust.signatures = shibboleth.ChainingSignatureTrustEngine -# To pick only one set to one of: -# shibboleth.ExplicitKeySignatureTrustEngine, shibboleth.PKIXSignatureTrustEngine -#idp.trust.certificates = shibboleth.ChainingX509TrustEngine -# To pick only one set to one of: -# shibboleth.ExplicitKeyX509TrustEngine, shibboleth.PKIXX509TrustEngine - -# If true, encryption will happen whenever a key to use can be located, but -# failure to encrypt won't result in request failure. -#idp.encryption.optional = false - -# Configuration of client- and server-side storage plugins -#idp.storage.cleanupInterval = PT10M -#idp.storage.htmlLocalStorage = false - -# Set to true to expose more detailed errors in responses to SPs -#idp.errors.detailed = false -# Set to false to skip signing of SAML response messages that signal errors -#idp.errors.signed = true -# Name of bean containing a list of Java exception classes to ignore -#idp.errors.excludedExceptions = ExceptionClassListBean -# Name of bean containing a property set mapping exception names to views -#idp.errors.exceptionMappings = ExceptionToViewPropertyBean -# Set if a different default view name for events and exceptions is needed -#idp.errors.defaultView = error - -# Set to false to disable the IdP session layer -#idp.session.enabled = true - -# Set to "shibboleth.StorageService" for server-side storage of user sessions -#idp.session.StorageService = shibboleth.ClientSessionStorageService - -# Size of session IDs -#idp.session.idSize = 32 -# Bind sessions to IP addresses -#idp.session.consistentAddress = true -# Inactivity timeout -#idp.session.timeout = PT60M -# Extra time to store sessions for logout -#idp.session.slop = PT0S -# Tolerate storage-related errors -#idp.session.maskStorageFailure = false -# Track information about SPs logged into -#idp.session.trackSPSessions = false -# Support lookup by SP for SAML logout -#idp.session.secondaryServiceIndex = false -# Length of time to track SP sessions -#idp.session.defaultSPlifetime = PT2H - -# Regular expression matching login flows to enable, e.g. IPAddress|Password -idp.authn.flows = Password - -# Regular expression of forced "initial" methods when no session exists, -# usually in conjunction with the idp.authn.resolveAttribute property below. -#idp.authn.flows.initial = Password - -# Set to an attribute ID to resolve prior to selecting authentication flows; -# its values are used to filter the flows to allow. -#idp.authn.resolveAttribute = eduPersonAssurance - -# Default lifetime and timeout of various authentication methods -#idp.authn.defaultLifetime = PT60M -#idp.authn.defaultTimeout = PT30M - -# Whether to prioritize "active" results when an SP requests more than -# one possible matching login method (V2 behavior was to favor them) -#idp.authn.favorSSO = true - -# Whether to fail requests when a user identity after authentication -# doesn't match the identity in a pre-existing session. -#idp.authn.identitySwitchIsError = false - -# Set to "shibboleth.StorageService" or custom bean for alternate storage of consent -#idp.consent.StorageService = shibboleth.ClientPersistentStorageService - -# Set to "shibboleth.consent.AttributeConsentStorageKey" to use an attribute -# to key user consent storage records (and set the attribute name) -#idp.consent.userStorageKey = shibboleth.consent.PrincipalConsentStorageKey -#idp.consent.userStorageKeyAttribute = uid - -# Flags controlling how built-in attribute consent feature operates -#idp.consent.allowDoNotRemember = true -#idp.consent.allowGlobal = true -#idp.consent.allowPerAttribute = false - -# Whether attribute values and terms of use text are compared -#idp.consent.compareValues = false -# Maximum number of consent records for space-limited storage (e.g. cookies) -#idp.consent.maxStoredRecords = 10 -# Maximum number of consent records for larger/server-side storage (0 = no limit) -#idp.consent.expandedMaxStoredRecords = 0 - -# Time in milliseconds to expire consent storage records. -#idp.consent.storageRecordLifetime = P1Y - -# Whether to lookup metadata, etc. for every SP involved in a logout -# for use by user interface logic; adds overhead so off by default. -#idp.logout.elaboration = false - -# Whether to require logout requests be signed/authenticated. -#idp.logout.authenticated = true - -# Message freshness and replay cache tuning -#idp.policy.messageLifetime = PT3M -#idp.policy.clockSkew = PT3M - -# Set to custom bean for alternate storage of replay cache -#idp.replayCache.StorageService = shibboleth.StorageService - -# Toggles whether to allow outbound messages via SAML artifact -#idp.artifact.enabled = true -# Suppresses typical signing/encryption when artifact binding used -#idp.artifact.secureChannel = true -# May differ to direct SAML 2 artifact lookups to specific server nodes -#idp.artifact.endpointIndex = 2 -# Set to custom bean for alternate storage of artifact map state -#idp.artifact.StorageService = shibboleth.StorageService - -# Name of access control policy for various admin flows -idp.status.accessPolicy = AccessByIPAddress -idp.resolvertest.accessPolicy = AccessByIPAddress -idp.reload.accessPolicy = AccessByIPAddress - -# Comma-delimited languages to use if not match can be found with the -# browser-supported languages, defaults to an empty list. -idp.ui.fallbackLanguages=en,fr,de - -# Storage service used by CAS protocol -# Defaults to shibboleth.StorageService (in-memory) -# MUST be server-side storage (e.g. in-memory, memcached, database) -# NOTE that idp.session.StorageService requires server-side storage -# when CAS protocol is enabled -#idp.cas.StorageService=shibboleth.StorageService - -# CAS service registry implementation class -#idp.cas.serviceRegistryClass=net.shibboleth.idp.cas.service.PatternServiceRegistry - -# Profile flows in which the ProfileRequestContext should be exposed -# in servlet request under the key "opensamlProfileRequestContext" -#idp.profile.exposeProfileRequestContextInServletRequest = SAML2/POST/SSO,SAML2/Redirect/SSO - -# F-TICKS auditing - set salt to include hashed username -#idp.fticks.federation=MyFederation -#idp.fticks.algorithm=SHA-256 -#idp.fticks.salt=somethingsecret \ No newline at end of file diff --git a/dist/conf/intercept/consent-intercept-config.xml.dist b/dist/conf/intercept/consent-intercept-config.xml.dist deleted file mode 100644 index ca183a7..0000000 --- a/dist/conf/intercept/consent-intercept-config.xml.dist +++ /dev/null @@ -1,136 +0,0 @@ - - - - - - - - - - - - - - - - - - - - - transientId - persistentId - eduPersonTargetedID - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - \ No newline at end of file diff --git a/dist/conf/intercept/context-check-intercept-config.xml.dist b/dist/conf/intercept/context-check-intercept-config.xml.dist deleted file mode 100644 index 809f1d4..0000000 --- a/dist/conf/intercept/context-check-intercept-config.xml.dist +++ /dev/null @@ -1,42 +0,0 @@ - - - - - - - - - - - - - - * - - - - - - - - - - \ No newline at end of file diff --git a/dist/conf/intercept/intercept-events-flow.xml.dist b/dist/conf/intercept/intercept-events-flow.xml.dist deleted file mode 100644 index 5cb30d5..0000000 --- a/dist/conf/intercept/intercept-events-flow.xml.dist +++ /dev/null @@ -1,18 +0,0 @@ - - - - - - - - - - diff --git a/dist/conf/intercept/profile-intercept.xml.dist b/dist/conf/intercept/profile-intercept.xml.dist deleted file mode 100644 index fedc2b2..0000000 --- a/dist/conf/intercept/profile-intercept.xml.dist +++ /dev/null @@ -1,36 +0,0 @@ - - - - - - - - - - - - - - - - - - diff --git a/dist/conf/ldap.properties.dist b/dist/conf/ldap.properties.dist deleted file mode 100644 index 2d2aef2..0000000 --- a/dist/conf/ldap.properties.dist +++ /dev/null @@ -1,60 +0,0 @@ -# LDAP authentication configuration, see authn/ldap-authn-config.xml -# Note, this doesn't apply to the use of JAAS - -## Authenticator strategy, either anonSearchAuthenticator, bindSearchAuthenticator, directAuthenticator, adAuthenticator -#idp.authn.LDAP.authenticator = anonSearchAuthenticator - -## Connection properties ## -idp.authn.LDAP.ldapURL = ldap://localhost:10389 -#idp.authn.LDAP.useStartTLS = true -#idp.authn.LDAP.useSSL = false -#idp.authn.LDAP.connectTimeout = 3000 - -## SSL configuration, either jvmTrust, certificateTrust, or keyStoreTrust -#idp.authn.LDAP.sslConfig = certificateTrust -## If using certificateTrust above, set to the trusted certificate's path -idp.authn.LDAP.trustCertificates = %{idp.home}/credentials/ldap-server.crt -## If using keyStoreTrust above, set to the truststore path -idp.authn.LDAP.trustStore = %{idp.home}/credentials/ldap-server.truststore - -## Return attributes during authentication -## NOTE: there is a separate property used for attribute resolution -idp.authn.LDAP.returnAttributes = passwordExpirationTime,loginGraceRemaining - -## DN resolution properties ## - -# Search DN resolution, used by anonSearchAuthenticator, bindSearchAuthenticator -# for AD: CN=Users,DC=example,DC=org -idp.authn.LDAP.baseDN = ou=people,dc=example,dc=org -#idp.authn.LDAP.subtreeSearch = false -idp.authn.LDAP.userFilter = (uid={user}) -# bind search configuration -# for AD: idp.authn.LDAP.bindDN=adminuser@domain.com -idp.authn.LDAP.bindDN = uid=myservice,ou=system -idp.authn.LDAP.bindDNCredential = myServicePassword - -# Format DN resolution, used by directAuthenticator, adAuthenticator -# for AD use idp.authn.LDAP.dnFormat=%s@domain.com -idp.authn.LDAP.dnFormat = uid=%s,ou=people,dc=example,dc=org - -# LDAP attribute configuration, see attribute-resolver.xml -# Note, this likely won't apply to the use of legacy V2 resolver configurations -idp.attribute.resolver.LDAP.ldapURL = %{idp.authn.LDAP.ldapURL} -idp.attribute.resolver.LDAP.baseDN = %{idp.authn.LDAP.baseDN:undefined} -idp.attribute.resolver.LDAP.bindDN = %{idp.authn.LDAP.bindDN:undefined} -idp.attribute.resolver.LDAP.bindDNCredential = %{idp.authn.LDAP.bindDNCredential:undefined} -idp.attribute.resolver.LDAP.useStartTLS = %{idp.authn.LDAP.useStartTLS:true} -idp.attribute.resolver.LDAP.trustCertificates = %{idp.authn.LDAP.trustCertificates:undefined} -idp.attribute.resolver.LDAP.searchFilter = (uid=$resolutionContext.principal) -idp.attribute.resolver.LDAP.returnAttributes = cn,homephone,mail - -# LDAP pool configuration, used for both authn and DN resolution -#idp.pool.LDAP.minSize = 3 -#idp.pool.LDAP.maxSize = 10 -#idp.pool.LDAP.validateOnCheckout = false -#idp.pool.LDAP.validatePeriodically = true -#idp.pool.LDAP.validatePeriod = 300 -#idp.pool.LDAP.prunePeriod = 300 -#idp.pool.LDAP.idleTime = 600 -#idp.pool.LDAP.blockWaitTime = 3000 -#idp.pool.LDAP.failFastInitialize = false diff --git a/dist/conf/logback.xml.dist b/dist/conf/logback.xml.dist deleted file mode 100644 index 2582d1c..0000000 --- a/dist/conf/logback.xml.dist +++ /dev/null @@ -1,166 +0,0 @@ - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - ${idp.logfiles}/idp-process.log - - - ${idp.logfiles}/idp-process-%d{yyyy-MM-dd}.log.gz - ${idp.loghistory:-180} - - - - UTF-8 - %date{ISO8601} - %level [%logger:%line] - %msg%n%ex{short} - - - - - - 0 - - - - - - WARN - - - ${idp.logfiles}/idp-warn.log - - - ${idp.logfiles}/idp-warn-%d{yyyy-MM-dd}.log.gz - ${idp.loghistory:-180} - - - - UTF-8 - %date{ISO8601} - %level [%logger:%line] - %msg%n%ex{short} - - - - - - ${idp.logfiles}/idp-audit.log - - - ${idp.logfiles}/idp-audit-%d{yyyy-MM-dd}.log.gz - ${idp.loghistory:-180} - - - - UTF-8 - %msg%n - - - - - - ${idp.logfiles}/idp-consent-audit.log - - - ${idp.logfiles}/idp-consent-audit-%d{yyyy-MM-dd}.log.gz - ${idp.loghistory:-180} - - - - UTF-8 - %msg%n - - - - - - ${idp.fticks.loghost:-localhost} - ${idp.fticks.logport:-514} - AUTH - [%thread] %logger %msg - - - - - - - - - - - - - - - - - - - - \ No newline at end of file diff --git a/dist/conf/metadata-providers.xml.dist b/dist/conf/metadata-providers.xml.dist deleted file mode 100644 index 49fd53c..0000000 --- a/dist/conf/metadata-providers.xml.dist +++ /dev/null @@ -1,72 +0,0 @@ - - - - - - - - - - - - - - - - - - - - - - - - - - - - diff --git a/dist/conf/mvc-beans.xml.dist b/dist/conf/mvc-beans.xml.dist deleted file mode 100644 index 98d9bcd..0000000 --- a/dist/conf/mvc-beans.xml.dist +++ /dev/null @@ -1,23 +0,0 @@ - - - - - - diff --git a/dist/conf/relying-party.xml.dist b/dist/conf/relying-party.xml.dist deleted file mode 100644 index 28c9193..0000000 --- a/dist/conf/relying-party.xml.dist +++ /dev/null @@ -1,70 +0,0 @@ - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - diff --git a/dist/conf/saml-nameid.properties.dist b/dist/conf/saml-nameid.properties.dist deleted file mode 100644 index 8530c4f..0000000 --- a/dist/conf/saml-nameid.properties.dist +++ /dev/null @@ -1,35 +0,0 @@ -# Properties involving SAML NameIdentifier/NameID generation/consumption - -# For the most part these settings only deal with "transient" and "persistent" -# identifiers. See saml-nameid.xml and c14n/subject-c14n.xml for advanced -# settings - -# Comment out to disable legacy NameID generation via Attribute Resolver -#idp.nameid.saml2.legacyGenerator = shibboleth.LegacySAML2NameIDGenerator -#idp.nameid.saml1.legacyGenerator = shibboleth.LegacySAML1NameIdentifierGenerator - -# Default NameID Formats to use when nothing else is called for. -# Don't change these just to change the Format used for a single SP! -#idp.nameid.saml2.default = urn:oasis:names:tc:SAML:2.0:nameid-format:transient -#idp.nameid.saml1.default = urn:mace:shibboleth:1.0:nameIdentifier - -# Set to shibboleth.StoredTransientIdGenerator for server-side transient ID storage -#idp.transientId.generator = shibboleth.CryptoTransientIdGenerator - -# Persistent IDs can be computed on the fly with a hash, or managed in a database - -# For computed IDs, set a source attribute and a secret salt: -#idp.persistentId.sourceAttribute = changethistosomethingreal -#idp.persistentId.useUnfilteredAttributes = true -# Do *NOT* share the salt with other people, it's like divulging your private key. -#idp.persistentId.algorithm = SHA -#idp.persistentId.salt = changethistosomethingrandom - -# To use a database, use shibboleth.StoredPersistentIdGenerator -#idp.persistentId.generator = shibboleth.ComputedPersistentIdGenerator -# For basic use, set this to a JDBC DataSource bean name: -#idp.persistentId.dataSource = PersistentIdDataSource -# For advanced use, set to a bean inherited from shibboleth.JDBCPersistentIdStore -#idp.persistentId.store = MyPersistentIdStore -# Set to an empty property to skip hash-based generation of first stored ID -#idp.persistentId.computed = shibboleth.ComputedPersistentIdGenerator diff --git a/dist/conf/saml-nameid.xml.dist b/dist/conf/saml-nameid.xml.dist deleted file mode 100644 index ea97448..0000000 --- a/dist/conf/saml-nameid.xml.dist +++ /dev/null @@ -1,62 +0,0 @@ - - - - - - - - - - - - - - - - - - - - - - - - - - - - - diff --git a/dist/conf/services.properties.dist b/dist/conf/services.properties.dist deleted file mode 100644 index 116625a..0000000 --- a/dist/conf/services.properties.dist +++ /dev/null @@ -1,61 +0,0 @@ -# Configure the resources to load for various services, -# and the settings for failure handling and auto-reload. - -# failFast=true prevents IdP startup if a configuration is bad -# checkInterval = PT0S means never reload (this is the default) - -# Global default for fail-fast behavior of most subsystems -# with individual override possible below. -#idp.service.failFast = false - -#idp.service.logging.resource = %{idp.home}/conf/logback.xml -#idp.service.logging.failFast = true -idp.service.logging.checkInterval = PT5M - -# Set to shibboleth.LegacyRelyingPartyResolverResources with legacy V2 relying-party.xml -#idp.service.relyingparty.resources = shibboleth.RelyingPartyResolverResources -#idp.service.relyingparty.failFast = false -idp.service.relyingparty.checkInterval = PT15M - -#idp.service.metadata.resources = shibboleth.MetadataResolverResources -#idp.service.metadata.failFast = false -#idp.service.metadata.checkInterval = PT0S - -#idp.service.attribute.resolver.resources = shibboleth.AttributeResolverResources -#idp.service.attribute.resolver.failFast = false -idp.service.attribute.resolver.checkInterval = PT15M -#idp.service.attribute.resolver.maskFailures = true - -#idp.service.attribute.filter.resources = shibboleth.AttributeFilterResources -# NOTE: Failing the filter fast leaves no filters enabled. -#idp.service.attribute.filter.failFast = false -idp.service.attribute.filter.checkInterval = PT15M -#idp.service.attribute.filter.maskFailures = true - -#idp.service.nameidGeneration.resources = shibboleth.NameIdentifierGenerationResources -#idp.service.nameidGeneration.failFast = false -idp.service.nameidGeneration.checkInterval = PT15M - -#idp.service.access.resources = shibboleth.AccessControlResources -#idp.service.access.failFast = true -idp.service.access.checkInterval = PT5M - -#idp.service.cas.registry.resources = shibboleth.CASServiceRegistryResources -#idp.service.cas.registry.failFast = false -idp.service.cas.registry.checkInterval = PT15M - -#idp.message.resources = shibboleth.MessageSourceResources -#idp.message.cacheSeconds = 300 - -# Parameters for pre-defined HttpClient instances which perform in-memory and filesystem caching. -# These are used with components such as remote configuration resources that are explicitly wired -# with these client instances, *not* by default with HTTP metadata resolvers. -#idp.httpclient.useTrustEngineTLSSocketFactory = false -#idp.httpclient.useSecurityEnhancedTLSSocketFactory = false -#idp.httpclient.connectionDisregardTLSCertificate = false -#idp.httpclient.connectionTimeout = -1 -#idp.httpclient.memorycaching.maxCacheEntries = 50 -#idp.httpclient.memorycaching.maxCacheEntrySize = 1048576 -#idp.httpclient.filecaching.maxCacheEntries = 100 -#idp.httpclient.filecaching.maxCacheEntrySize = 10485760 -idp.httpclient.filecaching.cacheDirectory = %{idp.home}/tmp/httpClientCache \ No newline at end of file diff --git a/dist/conf/services.xml.dist b/dist/conf/services.xml.dist deleted file mode 100644 index d22fff9..0000000 --- a/dist/conf/services.xml.dist +++ /dev/null @@ -1,145 +0,0 @@ - - - - - - - - - - - %{idp.home}/conf/relying-party.xml - %{idp.home}/conf/credentials.xml - %{idp.home}/system/conf/relying-party-system.xml - - - - - %{idp.home}/conf/relying-party.xml - %{idp.home}/system/conf/legacy-relying-party-defaults.xml - - - - %{idp.home}/conf/metadata-providers.xml - %{idp.home}/system/conf/metadata-providers-system.xml - - - - %{idp.home}/conf/attribute-resolver.xml - - - - %{idp.home}/conf/attribute-filter.xml - - - - %{idp.home}/conf/saml-nameid.xml - %{idp.home}/system/conf/saml-nameid-system.xml - - - - %{idp.home}/conf/access-control.xml - %{idp.home}/system/conf/access-control-system.xml - - - - %{idp.home}/conf/cas-protocol.xml - - - - - %{idp.home}/messages/authn-messages - %{idp.home}/messages/consent-messages - %{idp.home}/messages/error-messages - - - diff --git a/dist/conf/session-manager.xml.dist b/dist/conf/session-manager.xml.dist deleted file mode 100644 index f195014..0000000 --- a/dist/conf/session-manager.xml.dist +++ /dev/null @@ -1,45 +0,0 @@ - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - diff --git a/dist/flows/authn/conditions/account-locked/account-locked-flow.xml.dist b/dist/flows/authn/conditions/account-locked/account-locked-flow.xml.dist deleted file mode 100644 index 5fe7523..0000000 --- a/dist/flows/authn/conditions/account-locked/account-locked-flow.xml.dist +++ /dev/null @@ -1,16 +0,0 @@ - - - - - - - - - - - - - - diff --git a/dist/flows/authn/conditions/conditions-flow.xml.dist b/dist/flows/authn/conditions/conditions-flow.xml.dist deleted file mode 100644 index caa0a13..0000000 --- a/dist/flows/authn/conditions/conditions-flow.xml.dist +++ /dev/null @@ -1,35 +0,0 @@ - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - diff --git a/dist/flows/authn/conditions/expired-password/expired-password-flow.xml.dist b/dist/flows/authn/conditions/expired-password/expired-password-flow.xml.dist deleted file mode 100644 index 5fe7523..0000000 --- a/dist/flows/authn/conditions/expired-password/expired-password-flow.xml.dist +++ /dev/null @@ -1,16 +0,0 @@ - - - - - - - - - - - - - - diff --git a/dist/flows/authn/conditions/expiring-password/expiring-password-flow.xml.dist b/dist/flows/authn/conditions/expiring-password/expiring-password-flow.xml.dist deleted file mode 100644 index f9f5ceb..0000000 --- a/dist/flows/authn/conditions/expiring-password/expiring-password-flow.xml.dist +++ /dev/null @@ -1,32 +0,0 @@ - - - - - - - - - - - - - - - - - - - - - - - - - - diff --git a/dist/flows/user/prefs/prefs-flow.xml.dist b/dist/flows/user/prefs/prefs-flow.xml.dist deleted file mode 100644 index c79093b..0000000 --- a/dist/flows/user/prefs/prefs-flow.xml.dist +++ /dev/null @@ -1,25 +0,0 @@ - - - - - - - - - - - - - - diff --git a/dist/messages/authn-messages.properties.dist b/dist/messages/authn-messages.properties.dist deleted file mode 100644 index ed92747..0000000 --- a/dist/messages/authn-messages.properties.dist +++ /dev/null @@ -1,73 +0,0 @@ -# In addition to the Apache 2.0 license, this content is also licensed -# under the Creative Commons Attribution-ShareAlike 3.0 Unported license -# (see http://creativecommons.org/licenses/by-sa/3.0/). - -# Login / Logout messages - -idp.login.loginTo = Login to - -idp.login.username = Username -idp.login.password = Password - -idp.login.donotcache = Don't Remember Login - -idp.login.login = Login -idp.login.pleasewait = Logging in, please wait... - -idp.login.forgotPassword = Forgot your password? -idp.login.needHelp = Need Help? - -# Expiring password example messages - -idp.login.expiringSoon = Your password will be expiring soon! -idp.login.changePassword = To create a new password now, go to -idp.login.proceedBegin = Your login will proceed in 20 seconds or you may click -idp.login.proceedHere = here -idp.login.proceedEnd = to continue - -# Useful links - -idp.url.password.reset = # -idp.url.helpdesk = # - -# User Preferences example messages - -idp.userprefs.title = Web Login Service -idp.userprefs.title.suffice = Login Preferences -idp.userprefs.info = This page allows you to configure your device to tell the Web Login Service that it \ - can use more advanced login approaches that are more convenient, but not always usable. -idp.userprefs.options = The following options are available: -idp.userprefs.spnego = Automatically try desktop login when available. -idp.userprefs.no-js = This feature requires Javascript. - -# Classified Login Error messages - -UnknownUsername = bad-username -InvalidPassword = bad-password -ExpiredPassword = expired-password -AccountLocked = account-locked -SPNEGONotAvailable = spnego-unavailable -NTLMUnsupported = ntlm - -bad-username.message = The username you entered cannot be identified. - -bad-password.message = The password you entered was incorrect. - -expired-password.message = Your password has expired. - -account-locked.message = Your account is locked. - -spnego-unavailable.message = Your web browser doesn't support authentication with your desktop login credentials. -spnego-unavailable.return = Cancel the attempt. - -ntlm.message = Your web browser attempted to negotiate a weaker form of desktop authentication. - -# Logout-related messages - -idp.logout.ask = Would you like to attempt to log out of all services accessed during your session? \ - Please select Yes or No to ensure the logout \ - operation completes, or wait a few seconds for Yes. -idp.logout.contactServices = If you proceed, the system will attempt to contact the following services: -idp.logout.complete = The logout operation is complete, and no other services appear to have been accessed during this session. -idp.logout.local = You elected not to log out of all the applications accessed during your session. -idp.logout.attempt = Attempting to log out of the following services: diff --git a/dist/messages/consent-messages.properties.dist b/dist/messages/consent-messages.properties.dist deleted file mode 100644 index bed612e..0000000 --- a/dist/messages/consent-messages.properties.dist +++ /dev/null @@ -1,77 +0,0 @@ -# In addition to the Apache 2.0 license, this content is also licensed -# under the Creative Commons Attribution-ShareAlike 3.0 Unported license -# (see http://creativecommons.org/licenses/by-sa/3.0/). - -# General messages related to terms of use consent. - -idp.terms-of-use.accept = I accept the terms of use -idp.terms-of-use.submit = Submit -idp.terms-of-use.reject = Refuse -idp.terms-of-use.required = Please check this box if you want to proceed. - -# Triples consisting of a TOU key, and a title and text for each set of terms. -# The default implementation uses the SP name as the key, but this can be overriden. - -https\://sp.example.org = example-tou-1 -example-tou-1.title = Example Terms of Use -example-tou-1.text = *** This is an example ToU - tailor due to your needs *** \ -

Example organization AAI services: Terms of Use (ToU)

\ - A. Data Protection Sample Clause \ -

\ - "The End User notes that personal data about the End User is compiled from generally \ - available sources and from communications received from the End User and other \ - Universities as well as from off-site sources. The policy relating to the use and procession \ - of such data is posted on the University website at [...]. Such data will be used, inter alia, \ - to authenticate and authorize the access to and use of various resources within \ - the University and on other sites ("Approved Uses"). The End User hereby consents to \ - the collection, processing, use and release of such data to the extent reasonably necessary \ - for the Approved Uses. Such consent includes, but is not limited to, the release \ - of personal data to other institutions by employing cookies and electronically exchanging, \ - caching and storing personal authorization attributes." \ -

\ - B. Limitation of Liability \ -

\ - "To the extent permitted by the applicable law, the End User hereby waives all and any \ - claims for cost and damages, whether direct or indirect, incidental, or consequential(including, \ - inter alia, loss of use and lost profits), both in contract and in tort, arising from \ - the use or in any way related to the inter-organizational authentication and authorization \ - services which allow the End User to access certain resources of other organizations. \ - This waiver of claims shall be valid and effective in relation to all participants of \ - the inter-organizational authentication and authorization services including the AAI \ - Service Provider and its affiliates, officers, employees and agents." \ -

- -# Messages related to attribute release consent. - -idp.attribute-release.revoke = Clear prior granting of permission for release of your information to this service. - -idp.attribute-release.title = Information Release - -idp.attribute-release.attributesHeader = Information to be Provided to Service - -idp.attribute-release.serviceNameLabel = You are about to access the service: -idp.attribute-release.of = of -idp.attribute-release.serviceDescriptionLabel = Description as provided by this service: - -idp.attribute-release.informationURLLabel = Additional information about the service -idp.attribute-release.privacyStatementURLLabel = Data privacy information of the service - -idp.attribute-release.showDetails = show details - -idp.attribute-release.accept = Accept -idp.attribute-release.reject = Reject - -idp.attribute-release.confirmationQuestion = The information above would be shared with the service if you proceed. \ - Do you agree to release this information to the service every time you access it? - -idp.attribute-release.consentMethod = Select an information release consent duration: -idp.attribute-release.consentMethodRevoke = This setting can be revoked at any time with the checkbox on the login page. - -idp.attribute-release.doNotRememberConsent = Ask me again at next login -idp.attribute-release.doNotRememberConsentItem = I agree to send my information this time. - -idp.attribute-release.rememberConsent = Ask me again if information to be provided to this service changes -idp.attribute-release.rememberConsentItem = I agree that the same information will be sent automatically to this service in the future. - -idp.attribute-release.globalConsent = Do not ask me again -idp.attribute-release.globalConsentItem = I agree that all of my information will be released to any service. diff --git a/dist/messages/error-messages.properties.dist b/dist/messages/error-messages.properties.dist deleted file mode 100644 index 4f93680..0000000 --- a/dist/messages/error-messages.properties.dist +++ /dev/null @@ -1,119 +0,0 @@ -# In addition to the Apache 2.0 license, this content is also licensed -# under the Creative Commons Attribution-ShareAlike 3.0 Unported license -# (see http://creativecommons.org/licenses/by-sa/3.0/). - -# Title / Message mappings for error view - -# General strings -idp.title = Web Login Service -idp.title.suffix = Error -idp.logo = /images/dummylogo.png -idp.logo.alt-text = Replace or remove this logo -idp.message = An unidentified error occurred. -idp.footer = Insert your footer text here. - -idp.client-storage-read.title = Loading Session State... -idp.client-storage-write.title = Saving Session State... -idp.client-storage.no-js = Since your browser does not support JavaScript, \ - you must press the Continue button once to proceed. - -# Event to error key mappings - -AccessDenied = access -ContextCheckDenied = context-check-denied -EndpointResolutionFailed = endpoint -InvalidProfileConfiguration = relying-party -InvalidSecurityConfiguration = security-cfg -MessageAuthenticationError = security-msg -MessageReplay = stale -MessageExpired = stale -UnableToDecode = stale -AccountError = authn -AuthenticationException = authn -InvalidCredentials = authn -NoCredentials = authn -NoPotentialFlow = authn -RequestUnsupported = authn -SubjectCanonicalizationError = authn -InvalidAttributeContext = unexpected -InvalidAuthenticationContext = unexpected -InvalidSubjectContext = unexpected -InvalidSubjectCanonicalizationContext = unexpected -InvalidMessageContext = unexpected -InvalidMessageVersion = unexpected -InvalidProfileContext = unexpected -InvalidRelyingPartyContext = unexpected -InvalidRelyingPartyConfiguration = unexpected -MessageProcessingError = unexpected -UnableToEncode = unexpected -UnableToSign = unexpected -UnableToEncrypt = unexpected -AttributeReleaseRejected = no-release -TermsRejected = no-terms -RuntimeException = runtime-error - -# Exception to error key mappings - -FlowExecutionRestorationFailureException = stale - -# Error key to title and message mappings - -access.title = Access Denied -access.message = You do not have access to the requested resource. - -context-check-denied.title = Access Denied -context-check-denied.message = You are not eligible for the service requested. - -no-release.title = Release of Information Prevented -no-release.message = At your request, the release of your information has been blocked. If you wish to \ - change your decision, you may access the service again and approve the release in the \ - future. - -no-terms.title = Terms of Use Refused -no-terms.message = Having refused the mandatory Terms of Use, access to the service is not permitted. \ - If you wish to change your decision, you may access the service again and approve \ - the terms in the future. - -authn.title = Login Failed -authn.message = User login was not successful or could not meet the requirements of the requesting application. - -endpoint.title = Unable to Respond -endpoint.message = The login service was unable to identify a compatible way to respond to the requested \ - application. This is generally to due to a misconfiguration on the part of the application \ - and should be reported to the application's support team or owner. - -relying-party.title = Unsupported Request -relying-party.message = The application you have accessed is not registered for use with this service. - -security-cfg.title = Security Configuration Error -security-cfg.message = The login service and the requested application do not share a compatible \ - security configuration, and the request cannot be fulfilled. - -security-msg.title = Message Security Error -security-msg.message = The request cannot be fulfilled because the message received does not meet the \ - security requirements of the login service. - -stale.title = Stale Request -stale.message =

You may be seeing this page because you used the Back button while browsing a \ - secure web site or application. Alternatively, you may have mistakenly bookmarked \ - the web login form instead of the actual web site you wanted to bookmark or used a \ - link created by somebody else who made the same mistake.

\ -
\ -

Left unchecked, this can cause errors on some browsers or result in you returning to \ - the web site you tried to leave, so this page is presented instead.

- -unexpected.title = Unexpected Error -unexpected.message = An unexpected error was encountered, usually reflecting a configuration or software error. - -runtime-error.title = Uncaught Exception -runtime-error.message =

A software error was encountered that prevents normal operation:


\ -

#if($exception)$encoder.encodeForHTML($exception.toString())#else$encoder.encodeForHTML($flowExecutionException.getCause().toString())#end


\ -

Please report this problem to your Help Desk or administrative staff. It has \ - also been logged for an administrator to review.

- -error.title = Error -error.message = An error occurred: $eventId - -root.title = Shibboleth IdP -root.message = No services are available at this location. -root.footer = Insert your footer text here. diff --git a/dist/views/error.vm.dist b/dist/views/error.vm.dist deleted file mode 100644 index fb08a82..0000000 --- a/dist/views/error.vm.dist +++ /dev/null @@ -1,71 +0,0 @@ -## -## Velocity Template for error end-state -## -## Velocity context will contain the following properties -## flowRequestContext - the Spring Web Flow RequestContext -## encoder - HTMLEncoder class -## request - HttpServletRequest -## response - HttpServletResponse -## environment - Spring Environment object for property resolution -## custom - arbitrary object injected by deployer -## -#set ($title = $springMacroRequestContext.getMessage("idp.title", "Web Login Service")) -#set ($defaultTitleSuffix = $springMacroRequestContext.getMessage("idp.title.suffix", "Error")) -## -#if ($flowRequestContext) - ## This handles flow events, the most common case. - #set ($eventId = $flowRequestContext.getCurrentEvent().getId()) - #set ($eventKey = $springMacroRequestContext.getMessage("$eventId", "error")) - #set ($titleSuffix = $springMacroRequestContext.getMessage("${eventKey}.title", "$defaultTitleSuffix")) - #set ($message = $springMacroRequestContext.getMessage("${eventKey}.message", "$defaultTitleSuffix: $eventId")) - #if ($eventId == "AccessDenied" or $eventId == "ContextCheckDenied") - $response.setStatus(403) - #elseif ($eventId == "AttributeReleaseRejected" || $eventId == "TermsRejected") - $response.setStatus(200) - #elseif ($eventKey == "unexpected" || $eventKey == "runtime-error" || $eventKey == "error") - $response.setStatus(500) - #else - $response.setStatus(400) - #end -#elseif ($exception) - ## This handles exceptions that reach the Spring-MVC exception handler. - #set ($eventId = $exception.getClass().getSimpleName()) - #set ($eventKey = $springMacroRequestContext.getMessage("$eventId", "error")) - #set ($titleSuffix = $springMacroRequestContext.getMessage("${eventKey}.title", "$defaultTitleSuffix")) - #set ($message = $springMacroRequestContext.getMessage("${eventKey}.message", "$defaultTitleSuffix: $eventId")) -#else - ## This is a catch-all that theoretically shouldn't happen? - #set ($titleSuffix = $defaultTitleSuffix) - #set ($message = $springMacroRequestContext.getMessage("idp.message", "An unidentified error occurred.")) -#end -## - - - - - $title - $titleSuffix - - - - -
-
-
- #springMessageText( -

$title - $titleSuffix

-
- -
- #evaluate($message) -
-
- -
-
-

#springMessageText("idp.footer", "Insert your footer text here.")

-
-
- -
- - \ No newline at end of file diff --git a/dist/views/expiring-password.vm.dist b/dist/views/expiring-password.vm.dist deleted file mode 100644 index 0cb9d90..0000000 --- a/dist/views/expiring-password.vm.dist +++ /dev/null @@ -1,53 +0,0 @@ -## -## Velocity Template for expiring password view -## -## Velocity context will contain the following properties -## flowExecutionUrl - the form action location -## flowRequestContext - the Spring Web Flow RequestContext -## flowExecutionKey - the SWF execution key (this is built into the flowExecutionUrl) -## profileRequestContext - root of context tree -## authenticationContext - context with authentication request information -## authenticationErrorContext - context with login error state -## authenticationWarningContext - context with login warning state -## ldapResponseContext - context with LDAP state (if using native LDAP) -## encoder - HTMLEncoder class -## request - HttpServletRequest -## response - HttpServletResponse -## environment - Spring Environment object for property resolution -## custom - arbitrary object injected by deployer -## - - - - - #springMessageText("idp.title", "Web Login Service") - - - - - -
-
-
- #springMessageText( -

#springMessageText("idp.login.expiringSoon", "Your password will be expiring soon!")

-
- -
-

#springMessageText("idp.login.changePassword", "To create a new password now, go to") - #.

-

#springMessageText("idp.login.proceedBegin", "Your login will proceed in 20 seconds or you may click") - #springMessageText("idp.login.proceedHere", "here") - #springMessageText("idp.login.proceedEnd", "to continue").

-
-
- -
-
-

#springMessageText("idp.footer", "Insert your footer text here.")

-
-
- -
- - \ No newline at end of file diff --git a/dist/views/intercept/attribute-release.vm.dist b/dist/views/intercept/attribute-release.vm.dist deleted file mode 100644 index 9c8b614..0000000 --- a/dist/views/intercept/attribute-release.vm.dist +++ /dev/null @@ -1,148 +0,0 @@ -## -## Velocity Template for DisplayAttributeReleasePage view-state -## -## Velocity context will contain the following properties : -## -## attributeReleaseContext - context holding consentable attributes -## attributeReleaseFlowDescriptor - attribute consent flow descriptor -## attributeDisplayNameFunction - function to display attribute name -## consentContext - context representing the state of a consent flow -## encoder - HTMLEncoder class -## flowExecutionKey - SWF execution key (this is built into the flowExecutionUrl) -## flowExecutionUrl - form action location -## flowRequestContext - Spring Web Flow RequestContext -## profileRequestContext - OpenSAML profile request context -## request - HttpServletRequest -## response - HttpServletResponse -## rpUIContext - context with SP UI information from the metadata -## environment - Spring Environment object for property resolution -#set ($serviceName = $rpUIContext.serviceName) -#set ($serviceDescription = $rpUIContext.serviceDescription) -#set ($informationURL = $rpUIContext.informationURL) -#set ($privacyStatementURL = $rpUIContext.privacyStatementURL) -#set ($rpOrganizationLogo = $rpUIContext.getLogo()) -#set ($rpOrganizationName = $rpUIContext.organizationName) -## - - - - - - - #springMessageText("idp.attribute-release.title", "Information Release") - - -
-
-
- - #if ($rpOrganizationLogo) - - #end -
- #if ($serviceName) -

- #springMessageText("idp.attribute-release.serviceNameLabel", "You are about to access the service:")
- $serviceName - #if ($rpOrganizationName) - #springMessageText("idp.attribute-release.of", "of") $encoder.encodeForHTML($rpOrganizationName) - #end -

- #end - #if ($serviceDescription) -

- #springMessageText("idp.attribute-release.serviceDescriptionLabel", "Description as provided by this service:")
- $encoder.encodeForHTML($serviceDescription) -
-

- #end - #if ($informationURL) -

- #springMessageText("idp.attribute-release.informationURLLabel", "Additional information about the service") -

- #end -
- - - - - - - - #foreach ($attribute in $attributeReleaseContext.getConsentableAttributes().values()) - - - - - - #end - -
- #springMessageText("idp.attribute-release.attributesHeader", "Information to be Provided to Service") -
$encoder.encodeForHTML($attributeDisplayNameFunction.apply($attribute)) - #foreach ($value in $attribute.values) - $encoder.encodeForHTML($value.getDisplayValue()) -
- #end - 		- #if ($attributeReleaseFlowDescriptor.perAttributeConsentEnabled) - #set ($inputType = "checkbox") - #else - #set ($inputType = "hidden") - #end - -
-
- #if ($privacyStatementURL) -

- #springMessageText("idp.attribute-release.privacyStatementURLLabel", "Data privacy information of the service") -

- #end -
-

- #springMessageText("idp.attribute-release.confirmationQuestion", "The information above would be shared with the service if you proceed. Do you agree to release this information to the service every time you access it?") -

- #if ($attributeReleaseFlowDescriptor.doNotRememberConsentAllowed || $attributeReleaseFlowDescriptor.globalConsentAllowed) -
- #springMessageText("idp.attribute-release.consentMethod", "Select an information release consent duration:") - #end - #if ($attributeReleaseFlowDescriptor.doNotRememberConsentAllowed) -

- - #springMessageText("idp.attribute-release.doNotRememberConsent", "Ask me again at next login") -

    -
  • #springMessageText("idp.attribute-release.doNotRememberConsentItem", "I agree to send my information this time.")
    • -
-

- #end - #if ($attributeReleaseFlowDescriptor.doNotRememberConsentAllowed || $attributeReleaseFlowDescriptor.globalConsentAllowed) -

- - #springMessageText("idp.attribute-release.rememberConsent", "Ask me again if information changes") -

    -
  • #springMessageText("idp.attribute-release.rememberConsentItem", "I agree that the same information will be sent automatically to this service in the future.")
    • -
-

- #end - #if ($attributeReleaseFlowDescriptor.globalConsentAllowed) -

- - #springMessageText("idp.attribute-release.globalConsent", "Do not ask me again") -

    -
  • #springMessageText("idp.attribute-release.globalConsentItem", "I agree that all of my information will be released to any service.")
    • -
-

- #end - #if ($attributeReleaseFlowDescriptor.doNotRememberConsentAllowed || $attributeReleaseFlowDescriptor.globalConsentAllowed) - #springMessageText("idp.attribute-release.consentMethodRevoke", "This setting can be revoked at any time with the checkbox on the login page.") -
- #end -

- - -

-
-
-
- - diff --git a/dist/views/intercept/terms-of-use.vm.dist b/dist/views/intercept/terms-of-use.vm.dist deleted file mode 100644 index 1bf12c7..0000000 --- a/dist/views/intercept/terms-of-use.vm.dist +++ /dev/null @@ -1,67 +0,0 @@ -## -## Velocity Template for DisplayTermsOfUsePage view-state -## -## Velocity context will contain the following properties : -## -## encoder - HTMLEncoder class -## flowExecutionKey - SWF execution key (this is built into the flowExecutionUrl) -## flowExecutionUrl - form action location -## flowRequestContext - Spring Web Flow RequestContext -## request - HttpServletRequest -## response - HttpServletResponse -## rpUIContext - context with SP UI information from the metadata -## termsOfUseId - terms of use ID to lookup message strings -## environment - Spring Environment object for property resolution -#set ($serviceName = $rpUIContext.serviceName) -#set ($rpOrganizationLogo = $rpUIContext.getLogo()) -## - - - - - - - #springMessageText("${termsOfUseId}.title", "Terms of Use") - - -
-
- - #if ($rpOrganizationLogo) - - #end -
- #if ($rpOrganizationLogo) -
-

#springMessageText("${termsOfUseId}.title", "Terms of Use")

-
- #end -
- #springMessageText("${termsOfUseId}.text", "Terms of Use Text...") -
-
-
-
- -
-
-
-
- - - #if ($requireCheckbox) -

#springMessageText("idp.terms-of-use.required", "Please check this box if you want to proceed.")

- #end - -
-
-
-
-
-
-

#springMessageText("idp.footer", "Insert your footer text here.")

-
-
-
- - diff --git a/dist/views/login-error.vm.dist b/dist/views/login-error.vm.dist deleted file mode 100644 index 44676b3..0000000 --- a/dist/views/login-error.vm.dist +++ /dev/null @@ -1,24 +0,0 @@ -## Velocity Template for login error message production, included by login.vm -## -## authenticationErrorContext - context containing error data, if available -## -#if ($authenticationErrorContext && $authenticationErrorContext.getClassifiedErrors().size() > 0 && $authenticationErrorContext.getClassifiedErrors().iterator().next() != "ReselectFlow") - ## This handles errors that are classified by the message maps in the authentication config. - #set ($eventId = $authenticationErrorContext.getClassifiedErrors().iterator().next()) - #set ($eventKey = $springMacroRequestContext.getMessage("$eventId", "login")) - #set ($message = $springMacroRequestContext.getMessage("${eventKey}.message", "Login Failure: $eventId")) -#elseif ($authenticationErrorContext && $authenticationErrorContext.getExceptions().size() > 0) - ## This handles login exceptions that are left unclassified. - #set ($loginException = $authenticationErrorContext.getExceptions().get(0)) - #if ($loginException.getMessage()) - #set ($message = "Login Failure: $loginException.getMessage()") - #else - #set ($message = $loginException.toString()) - #end -#end - -#if ($message) -
-

$encoder.encodeForHTML($message)

-
-#end diff --git a/dist/views/login.vm.dist b/dist/views/login.vm.dist deleted file mode 100644 index a623db5..0000000 --- a/dist/views/login.vm.dist +++ /dev/null @@ -1,138 +0,0 @@ -## -## Velocity Template for DisplayUsernamePasswordPage view-state -## -## Velocity context will contain the following properties -## flowExecutionUrl - the form action location -## flowRequestContext - the Spring Web Flow RequestContext -## flowExecutionKey - the SWF execution key (this is built into the flowExecutionUrl) -## profileRequestContext - root of context tree -## authenticationContext - context with authentication request information -## authenticationErrorContext - context with login error state -## authenticationWarningContext - context with login warning state -## ldapResponseContext - context with LDAP state (if using native LDAP) -## rpUIContext - the context with SP UI information from the metadata -## extendedAuthenticationFlows - collection of "extended" AuthenticationFlowDescriptor objects -## passwordPrincipals - contents of the shibboleth.authn.Password.PrincipalOverride bean -## encoder - HTMLEncoder class -## request - HttpServletRequest -## response - HttpServletResponse -## environment - Spring Environment object for property resolution -## custom - arbitrary object injected by deployer -## -#set ($rpContext = $profileRequestContext.getSubcontext('net.shibboleth.idp.profile.context.RelyingPartyContext')) -#set ($username = $authenticationContext.getSubcontext('net.shibboleth.idp.authn.context.UsernamePasswordContext', true).getUsername()) -#set ($passwordEnabled = false) -#if (!$passwordPrincipals or $passwordPrincipals.isEmpty() or $authenticationContext.isAcceptable($passwordPrincipals)) - #set ($passwordEnabled = true) -#end -## - - - - - #springMessageText("idp.title", "Web Login Service") - - - -
-
-
- #springMessageText( -
- -
-
- #parse("login-error.vm") - -
- - #set ($serviceName = $rpUIContext.serviceName) - #if ($serviceName && !$rpContext.getRelyingPartyId().contains($serviceName)) - - #springMessageText("idp.login.loginTo", "Login to") $encoder.encodeForHTML($serviceName) - - #end - - #if ($passwordEnabled) -
- - -
- -
- - -
- -
- #springMessageText("idp.login.donotcache", "Don't Remember Login") -
- #end - -
- - #springMessageText("idp.attribute-release.revoke", "Clear prior granting of permission for release of your information to this service.") -
- - #if ($passwordEnabled) -
- -
- #end - - #foreach ($extFlow in $extendedAuthenticationFlows) - #if ($authenticationContext.isAcceptable($extFlow) and $extFlow.apply(profileRequestContext)) -
- -
- #end - #end -
- - #* - // - // SP Description & Logo (optional) - // These idpui lines will display added information (if available - // in the metadata) about the Service Provider (SP) that requested - // authentication. These idpui lines are "active" in this example - // (not commented out) - this extra SP info will be displayed. - // Remove or comment out these lines to stop the display of the - // added SP information. - // - *# - #set ($logo = $rpUIContext.getLogo()) - #if ($logo) - $encoder.encodeForHTMLAttribute($serviceName) - #end - #set ($desc = $rpUIContext.getServiceDescription()) - #if ($desc) - $encoder.encodeForHTML($desc) - #end - -
-
- -
-
-
- -
-
-

#springMessageText("idp.footer", "Insert your footer text here.")

-
-
-
- - - \ No newline at end of file diff --git a/dist/views/logout-complete.vm.dist b/dist/views/logout-complete.vm.dist deleted file mode 100644 index 4bf0a62..0000000 --- a/dist/views/logout-complete.vm.dist +++ /dev/null @@ -1,58 +0,0 @@ -## -## Velocity Template for logout flow's concluding view-state (no propagation) -## -## Velocity context will contain the following properties -## flowExecutionUrl - the form action location -## flowRequestContext - the Spring Web Flow RequestContext -## flowExecutionKey - the SWF execution key (this is built into the flowExecutionUrl) -## profileRequestContext - root of context tree -## logoutContext - context with SPSession details for logout operation -## multiRPContext - context with RelyingPartyContexts and possibly SP UI information from the metadata -## encoder - HTMLEncoder class -## request - HttpServletRequest -## response - HttpServletResponse -## environment - Spring Environment object for property resolution -## custom - arbitrary object injected by deployer -## - - - - - #springMessageText("idp.title", "Web Login Service") - - - - -
-
-
- #springMessageText( -
- -
-
-

#springMessageText("idp.logout.local", "You elected not to log out of all the applications accessed during your session.")

-
-
- -
-
-
- - - #if ( $profileRequestContext.getProfileId().contains("saml2/logout") ) -