Shibboleth Developers

[Walter Hoehn <>]

Although it may change in the future, this isn't the way shibboleth 
works now.  The code that sits behind shibboleth's metadata API reads 
in static xml files containing our proprietary metadata.  These files 
can be either distributed via federations or hand-crafted for bilateral 
agreements, but the authoritative copies are not necessarily queried in 
real time.

With Shibboleth 1.3, we plan to support the SAML 2 metadata format, but 
have no immediate plans to add an "online lookup" capability behind the 
interfaces.  I don't think anyone is against it; but a compelling use 
case hasn't yet arisen, since the current metadata is mostly static.

-Walter


On Jan 19, 2005, at 8:05 AM, Tom Scavo wrote:
> > Ok. What "resolver" is used to look them up?
>
> The IdP providerId itself resolves the metadata.  Convention is that
> the metadata resides at the location given by the providerId.
>
> > Are you referring to
> > metadata maintained and distributed to IdPs and SPs by a 3rd party (a
> > federation), that an SP would use to look up a provider id?
>
> No, the providers maintain and publish their own metadata at
> conventional locations (given by their respective providerIds).
>
> Tom S.

Attachment: smime.p7s
Description: S/MIME cryptographic signature