This repository has been archived by the owner. It is now read-only.
forked from InCommon/inc-meta
-
Notifications
You must be signed in to change notification settings - Fork 0
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
- Loading branch information
Showing
5 changed files
with
320 additions
and
0 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,180 @@ | ||
| <?xml version="1.0" encoding="UTF-8"?> | ||
| <!-- | ||
| Common beans for this channel. | ||
| --> | ||
| <beans xmlns="http://www.springframework.org/schema/beans" | ||
| default-lazy-init="true" | ||
| xmlns:c="http://www.springframework.org/schema/c" | ||
| xmlns:p="http://www.springframework.org/schema/p" | ||
| xmlns:util="http://www.springframework.org/schema/util" | ||
| xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" | ||
| xsi:schemaLocation=" | ||
| http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-3.0.xsd | ||
| http://www.springframework.org/schema/util http://www.springframework.org/schema/util/spring-util-3.0.xsd"> | ||
|
|
||
| <!-- | ||
| Location of various resources. | ||
| --> | ||
| <!-- production aggregate --> | ||
| <bean id="pl_pionier_productionAggregate_url" class="java.lang.String"> | ||
| <constructor-arg value="http://aai.pionier.net.pl/pionierid.xml"/> | ||
| </bean> | ||
| <!-- eduGAIN export aggregate --> | ||
| <bean id="pl_pionier_edugainAggregate_url" class="java.lang.String"> | ||
| <constructor-arg value="https://aai.pionier.net.pl/pionier-to-edugain.xml"/> | ||
| </bean> | ||
|
|
||
| <!-- | ||
| Fetch the production aggregate. | ||
| --> | ||
| <bean id="pl_pionier_productionAggregate" parent="DOMResourceSourceStage" | ||
| p:id="pl_pionier_productionAggregate"> | ||
| <property name="DOMResource"> | ||
| <bean parent="HTTPResource"> | ||
| <constructor-arg name="client" ref="httpClient"/> | ||
| <constructor-arg name="url" ref="pl_pionier_productionAggregate_url"/> | ||
| </bean> | ||
| </property> | ||
| </bean> | ||
|
|
||
| <!-- | ||
| Fetch the eduGAIN export aggregate. | ||
| --> | ||
| <bean id="pl_pionier_edugainAggregate" parent="DOMResourceSourceStage" | ||
| p:id="pl_pionier_edugainAggregate"> | ||
| <property name="DOMResource"> | ||
| <bean parent="HTTPResource"> | ||
| <constructor-arg name="client" ref="httpClient"/> | ||
| <constructor-arg name="url" ref="pl_pionier_edugainAggregate_url"/> | ||
| </bean> | ||
| </property> | ||
| </bean> | ||
|
|
||
| <!-- | ||
| Federation signing certificate. | ||
| --> | ||
| <bean id="pl_pionier_signingCertificate" class="net.shibboleth.ext.spring.factory.X509CertificateFactoryBean"> | ||
| <property name="certificateFile"> | ||
| <bean class="java.io.File"> | ||
| <constructor-arg value="#{ systemProperties['basedir'] }/mdx/pl_pionier/pionier.crt"/> | ||
| </bean> | ||
| </property> | ||
| </bean> | ||
|
|
||
| <!-- | ||
| eduGAIN signing certificate. | ||
| --> | ||
| <bean id="pl_pionier_edugainCertificate" class="net.shibboleth.ext.spring.factory.X509CertificateFactoryBean"> | ||
| <property name="certificateFile"> | ||
| <bean class="java.io.File"> | ||
| <constructor-arg value="#{ systemProperties['basedir'] }/mdx/pl_pionier/edugain.crt"/> | ||
| </bean> | ||
| </property> | ||
| </bean> | ||
|
|
||
| <!-- | ||
| Check signing signature. | ||
| --> | ||
| <bean id="pl_pionier_checkSignature" parent="XMLSignatureValidationStageSHA256" | ||
| p:id="pl_pionier_checkSignature"> | ||
| <property name="verificationCertificate" ref="pl_pionier_signingCertificate"/> | ||
| </bean> | ||
| <bean id="pl_pionier_checkEdugainSignature" parent="XMLSignatureValidationStageSHA256" | ||
| p:id="pl_pionier_checkEdugainSignature"> | ||
| <property name="verificationCertificate" ref="pl_pionier_edugainCertificate"/> | ||
| </bean> | ||
|
|
||
| <!-- | ||
| pl_pionier_registrar | ||
| Unique ID for the registrar associated with this channel. | ||
| --> | ||
| <bean id="pl_pionier_registrar" class="java.lang.String"> | ||
| <constructor-arg value="https://aai.pionier.net.pl"/> | ||
| </bean> | ||
|
|
||
| <!-- | ||
| pl_pionier_check_regauth | ||
| Any registrationAuthority already present on an entity in this | ||
| channel must match the known registration authority value. | ||
| --> | ||
| <bean id="pl_pionier_check_regauth" parent="check_regauth_parent" | ||
| p:id="pl_pionier_check_regauth"> | ||
| <property name="transformParameters"> | ||
| <map> | ||
| <entry key="expectedAuthority" value-ref="pl_pionier_registrar"/> | ||
| </map> | ||
| </property> | ||
| </bean> | ||
|
|
||
| <!-- | ||
| pl_pionier_default_regauth | ||
| Provide a default registrationAuthority appropriate to | ||
| this channel. | ||
| --> | ||
| <bean id="pl_pionier_default_regauth" parent="default_regauth_parent" | ||
| p:id="pl_pionier_default_regauth"> | ||
| <property name="transformParameters"> | ||
| <map> | ||
| <entry key="defaultAuthority" value-ref="pl_pionier_registrar"/> | ||
| </map> | ||
| </property> | ||
| </bean> | ||
|
|
||
| <!-- | ||
| Fetch the production entities as a collection. | ||
| --> | ||
| <bean id="pl_pionier_productionEntities" parent="CompositeStage" | ||
| p:id="pl_pionier_productionEntities"> | ||
| <property name="composedStages"> | ||
| <list> | ||
| <ref bean="pl_pionier_productionAggregate"/> | ||
|
|
||
| <!-- | ||
| Check for fatal errors at the aggregate level: | ||
| missing or expired validUntil attribute | ||
| invalid signature | ||
| --> | ||
| <ref bean="check_validUntil"/> | ||
| <ref bean="pl_pionier_checkProductionSignature"/> | ||
| <ref bean="errorTerminatingFilter"/> | ||
|
|
||
| <ref bean="disassemble"/> | ||
| </list> | ||
| </property> | ||
| </bean> | ||
|
|
||
| <!-- | ||
| Fetch the eduGAIN export entities as a collection. | ||
| --> | ||
| <bean id="pl_pionier_edugainEntities" parent="CompositeStage" | ||
| p:id="pl_pionier_edugainEntities"> | ||
| <property name="composedStages"> | ||
| <list> | ||
| <ref bean="pl_pionier_edugainAggregate"/> | ||
|
|
||
| <!-- | ||
| Check for fatal errors at the aggregate level: | ||
| missing or expired validUntil attribute | ||
| invalid signature | ||
| --> | ||
| <ref bean="check_validUntil"/> | ||
| <ref bean="pl_pionier_checkEdugainSignature"/> | ||
| <ref bean="errorTerminatingFilter"/> | ||
|
|
||
| <ref bean="disassemble"/> | ||
|
|
||
| <ref bean="check_hasreginfo"/> | ||
| <ref bean="pl_pionier_check_regauth"/> | ||
| </list> | ||
| </property> | ||
| </bean> | ||
|
|
||
| <!-- | ||
| Select primary export aggregate. | ||
| --> | ||
| <alias alias="pl_pionier_exportedAggregate" name="pl_pionier_edugainAggregate"/> | ||
| <alias alias="pl_pionier_exportedEntities" name="pl_pionier_edugainEntities"/> | ||
| </beans> |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,16 @@ | ||
| -----BEGIN CERTIFICATE----- | ||
| MIIC/jCCAeYCCQD8G53mJJdiFjANBgkqhkiG9w0BAQUFADBBMQswCQYDVQQGEwJQTDEQMA4GA1UE | ||
| ChMHUElPTklFUjEgMB4GA1UEAxMXZWR1R0FJTiBNZXRhZGF0YSBTaWduZXIwHhcNMTQwMjE3MTA0 | ||
| MzM0WhcNMjIwNTA2MTA0MzM0WjBBMQswCQYDVQQGEwJQTDEQMA4GA1UEChMHUElPTklFUjEgMB4G | ||
| A1UEAxMXZWR1R0FJTiBNZXRhZGF0YSBTaWduZXIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK | ||
| AoIBAQC9L5KsrFnu8iV1Leb4BiR4tNvwgnkM6aCdxWw6mZ477cAMrD27rfNfJAcOso4a0Yq89Sf3 | ||
| fpU5Vjz6fzzsxyXQdupKzgMBoPionx8f1JPchx1jEcalrRLVpoElY9uj7j3hOA8uEJ434YhkIds8 | ||
| R7CvGwHhWIrKeQHPV3hnoGWtYz1LzYJ/5JxK876NTHsYYHSAW8rz0s8CMEmJm89Dve6fVk42Lzlg | ||
| mk18dD3q6DH27ToMxWW4LgekjIOQn9Khxc6aNXSUy6SVGkwyX1sRYBy0qSSFWH6b8JfdOVIuya8Y | ||
| U5eRmJWrdT4BHuvtxadzOO+8CVqwvMTMEOItLup+jnRjAgMBAAEwDQYJKoZIhvcNAQEFBQADggEB | ||
| ACww9OBdXk/VBNOBNlNCrb9WgoaS0wbUgv0rvuPzIZl9N8ptTdTKnvOLln+rrEbGeJ7VemBjYGLA | ||
| xa5KV+cFmxrLVWZLpVSvkxHAa0mOU0dSUsCyWSUPuGm93TH3sUlF1Gru+vdCBNKrkLrmYuEO8KlL | ||
| Fr6zInoQtf0pk/luxLC3bolT1K2hGVqqTdl/hjFSYehb+FOa3Z9uy3MDV3IGiU80fX+ctekF5EXx | ||
| /V21xtLPuxtcfyg2og+KhwXoZMmZK/vfKZnfqhsrd8JB8lwZ8SF1DhUBOILvOyDPvbIT7ZQjLdUf | ||
| NSZIhhUb/n3HthPFjIAAh0ByxPezA/pZQBcUEK8= | ||
| -----END CERTIFICATE----- |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,16 @@ | ||
| -----BEGIN CERTIFICATE----- | ||
| MIIC7jCCAdYCCQDi8dyBIDBeLTANBgkqhkiG9w0BAQUFADA5MQswCQYDVQQGEwJQTDEQMA4GA1UE | ||
| ChMHUElPTklFUjEYMBYGA1UEAxMPTWV0YWRhdGEgU2lnbmVyMB4XDTEyMDkxMzA2MzQzN1oXDTE4 | ||
| MDMwNjA2MzQzN1owOTELMAkGA1UEBhMCUEwxEDAOBgNVBAoTB1BJT05JRVIxGDAWBgNVBAMTD01l | ||
| dGFkYXRhIFNpZ25lcjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAKPalOtbmIuINk1g | ||
| R0d7r9A5R3eT1dnYlqm0QXMXAarzn2kTvhj3y7dYXV78VjRDvfFG5Gy55dg+JVF/zUog2Wuj6Nif | ||
| jvee3mpIi5bZupHcnbkXfJE/eQsWSpHRhzjrrdI/8OYOuoxfcRtRUHhUlqFkZbH9Xr78I5SLpN6L | ||
| s+UcnGAARLQrwKzjW2cS5Nnag2nhok3sVa8Q/bhCxQWuCNpQQrQJ+AOt5q7lFbBuFat7UvGKcFZq | ||
| NGs/d0NPHiYt8BSrclUfuDnSERekwPrNJ6EnyVl240ZmNRHpaEDjO+KIGUQ9hR8EA+0k5sQcSkng | ||
| wFBuKr9d3giE3XCT6euPTG8CAwEAATANBgkqhkiG9w0BAQUFAAOCAQEAQ7QUT1v/WsqdYoO9W3eN | ||
| tlmm9JoZuZWdW3AmtbkGiuVY+VmFjx9+7J58w/3RnJZiqS30yp7XIX0FDYHD5hqP3SJRegO7cG2G | ||
| ihDb6TpWr7r2l2aywvPLlnoDJOTZ7ARjYxDno5i7kt7KP/VrmGX58gXUMnVlYJeXTy1LaPb20r8V | ||
| wr8HemVP3yICni6h82NA7OaHqjFghUaeyWihBvVR7f0B+1DvAvpOAAHDAJvxSj2jglJVIoF3PIFt | ||
| YX2+t+bZNEQkGc6pxcRwLvNfqLUSnHOEMzUwujYmXkZx1BinJHkB+g6pVjss12/QvU2XorIhcq8I | ||
| p0Hc6QwXrYGsb8eI5Q== | ||
| -----END CERTIFICATE----- |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,103 @@ | ||
| <?xml version="1.0" encoding="UTF-8"?> | ||
| <!-- | ||
| Verb definitions for this channel. | ||
| --> | ||
| <beans xmlns="http://www.springframework.org/schema/beans" | ||
| default-lazy-init="true" | ||
| xmlns:c="http://www.springframework.org/schema/c" | ||
| xmlns:p="http://www.springframework.org/schema/p" | ||
| xmlns:util="http://www.springframework.org/schema/util" | ||
| xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" | ||
| xsi:schemaLocation=" | ||
| http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-3.0.xsd | ||
| http://www.springframework.org/schema/util http://www.springframework.org/schema/util/spring-util-3.0.xsd"> | ||
|
|
||
| <!-- | ||
| Import commonly used beans. | ||
| --> | ||
| <import resource="classpath:common-beans.xml"/> | ||
|
|
||
| <!-- | ||
| Import channel-specific beans. | ||
| --> | ||
| <import resource="classpath:pl_pionier/beans.xml"/> | ||
|
|
||
| <bean id="serializeImported" parent="SerializationStage" | ||
| p:id="serializeImported"> | ||
| <property name="outputFile"> | ||
| <bean class="java.io.File"> | ||
| <constructor-arg value="#{ systemProperties['basedir'] }/mdx/pl_pionier/imported.xml"/> | ||
| </bean> | ||
| </property> | ||
| </bean> | ||
|
|
||
| <bean id="importProduction" parent="SimplePipeline" | ||
| p:id="importProduction"> | ||
| <property name="stages"> | ||
| <list> | ||
| <ref bean="pl_pionier_productionEntities"/> | ||
| <ref bean="standardImportActions"/> | ||
| <ref bean="standardImportTail"/> | ||
| <ref bean="serializeImported"/> | ||
| </list> | ||
| </property> | ||
| </bean> | ||
|
|
||
| <bean id="importProductionRaw" parent="SimplePipeline" | ||
| p:id="importProductionRaw"> | ||
| <property name="stages"> | ||
| <list> | ||
| <ref bean="pl_pionier_productionAggregate"/> | ||
| <ref bean="serializeImported"/> | ||
| </list> | ||
| </property> | ||
| </bean> | ||
|
|
||
| <bean id="importEdugain" parent="SimplePipeline" | ||
| p:id="importEdugain"> | ||
| <property name="stages"> | ||
| <list> | ||
| <ref bean="pl_pionier_edugainEntities"/> | ||
| <ref bean="standardImportActions"/> | ||
| <ref bean="standardImportTail"/> | ||
| <ref bean="serializeImported"/> | ||
| </list> | ||
| </property> | ||
| </bean> | ||
|
|
||
| <bean id="importEdugainRaw" parent="SimplePipeline" | ||
| p:id="importEdugainRaw"> | ||
| <property name="stages"> | ||
| <list> | ||
| <ref bean="pl_pionier_edugainAggregate"/> | ||
| <ref bean="serializeImported"/> | ||
| </list> | ||
| </property> | ||
| </bean> | ||
|
|
||
| <bean id="verifyEdugain" parent="SimplePipeline" | ||
| p:id="verifyEdugain"> | ||
| <property name="stages"> | ||
| <list> | ||
| <ref bean="pl_pionier_edugainEntities"/> | ||
| <ref bean="standardImportActions"/> | ||
|
|
||
| <bean parent="X509ValidationStage" | ||
| p:id="checkCertificates"> | ||
| <property name="validators"> | ||
| <list> | ||
| <!-- Error on RSA key length less than 2048 bits. --> | ||
| <bean parent="X509RSAKeyLengthValidator" | ||
| p:warningBoundary="0" p:errorBoundary="2048"/> | ||
| </list> | ||
| </property> | ||
| </bean> | ||
|
|
||
| <ref bean="errorTerminatingFilter"/> | ||
| </list> | ||
| </property> | ||
| </bean> | ||
|
|
||
| <alias alias="import" name="importEdugain"/> | ||
| <alias alias="importRaw" name="importEdugainRaw"/> | ||
| </beans> |