Skip to Content.
Sympa Menu

shibboleth-dev - RE: Feature request for metadatatool

Subject: Shibboleth Developers

List archive

RE: Feature request for metadatatool


Chronological Thread 
  • From: "Scott Cantor" <>
  • To: <>
  • Subject: RE: Feature request for metadatatool
  • Date: Wed, 23 Nov 2005 10:32:37 -0500
  • Organization: The Ohio State University

> Problem:
> Central web server gets hammered with requests because Metadatatool
> downloads metadata with each request, even if nothing changed. This
> wastes not only resources (mainly bandwidth) on that web server but also
> on the IdP/SP side.

I think we have different definitions of "hammered", although I don't have
any stats to back that up. In other words, it seems like a very minor
problem at this stage of the game, but that said...

> Solution:
> Metadata tool could compare the local file's size and timestamp with
> that of the file on the web server by asking the web server with a HEAD
> request for the 'Last-Modified' parameter. Metadatatool then only would
> download the metadata file (and set its modification date to the one of
> the web server's metadata file) if at least one of these parameters
differ.

I don't see any reason to overload metadatatool with this, what we need is a
workable model for dynamic metadata delivery and caching that can be
integrated directly into the plugins, and that's more or less what we're
working toward. Not to metion that one could get rid of static files
altogether and do something using a web service or whatever, where the
authentication of the service takes the place of a signature.

> Of course one could write a wrapper arround metadatatool and e.g. use
> curl -I http://file.to/metadata.xml to do that but it would nevertheless
> be nice if there was an option for the metadatatool that would allow the
> above out of the box.

I disagree. If anything, I think metadatatool should do less, not more.
Something like curl (or a Java equivalent) will always have much richer
support for HTTP-based features like this, and we'd be wrong to try and
duplicate them. I *never* use anything but a wrapper script around
siterefresh as it is.

Basically, I think this kind of thing needs to be pushed into the metadata
delivery layer itself or pushed out to something more intelligent, with
metadata verification left as a small piece sitting in the middle.

Other opinions?

-- Scott




Archive powered by MHonArc 2.6.16.

Top of Page