4281 2006-03-11 16:18 update to IdP metadata template 2008-04-25 21:12:09 1 1 1 Unclassified GridShib Shibboleth IdP Plugin 0.4.4 PC Linux RESOLVED FIXED P3 normal beta 1 tfreeman@mcs.anl.gov trscavo@gmail.com gridshib-dev@globus.org tfreeman@mcs.anl.gov vwelch@uiuc.edu tfreeman@mcs.anl.gov 2006-03-11 16:18:12 The sample metadata template in the NameMapper plugin: gridshib/idp/data/gridshib-idp-metadata-template.xml .. has this comment: Zero or more saml:Attribute elements are included here. (Since these elements are currently not used by grid service providers, they are more for documentation purposes than anything else.) Now that the GT module is aware of Attribute elements, this parenthetical remark should be updated or deleted. I'll post a link here to the relevant documentation once it is online. trscavo@gmail.com 2006-03-12 11:17:58 I've read the documentation: http://gridshib.globus.org/docs/admin-index.html#metadata-attr-optimization I agree this is a useful optimization provided the following are true: 1. It is OFF by default (which evidently it is). 2. If it is ON and there are no Attribute elements in the IdP metadata, the optimization is short-circuited (i.e., the query proceeds). I recommend the comment be changed as follows: Zero or more saml:Attribute elements are included here. A Grid service provider may choose not to query the AA based on the attributes in this list, therefore this list MUST be comprehensive. Since no method of dynamic metadata exchange currently exists, it is recommended that IdPs omit this list entirely. At least two things are needed before we can recommend otherwise: - A tool that produces IdP metadata from the underlying IdP configuration - A simple method of publishing IdP metadata tfreeman@mcs.anl.gov 2006-03-12 11:45:29 OK, makes sense. I just verified that your point #2 is in the code, the optimization treats 0 attributes as a signal to NOT disable the query. Your new comment text looks good to me, thanks. trscavo@gmail.com 2006-03-12 14:16:04 The comment in the IdP metadata template has been modified in my sandbox. trscavo@gmail.com 2006-05-24 11:15:20 The updated IdP metadata template has been committed to CVS.