shibboleth-dev - restarting the IdP needed for change in trust roots?
Subject: Shibboleth Developers
List archive
- From: Ian Young <>
- To: Shibboleth Developers <>
- Subject: restarting the IdP needed for change in trust roots?
- Date: Tue, 01 Aug 2006 14:00:50 +0100
We had some interesting behaviour the other day when adding a new trust root to our federation metadata.
We've always been able to avoid restarting IdPs when we made changes to the entities in the metadata, but the observation was that an addition to the list of KeyInfo elements in the KeyAuthority extension didn't seem to be picked up until we restarted our IdP.
My recollection of what people have said before was that changes to the metadata didn't require an IdP restart in 1.3. This is backed up by the wiki page:
https://authdev.it.ohio-state.edu/twiki/bin/view/Shibboleth/IdPProductionConfiguration
or
http://tinyurl.com/l23vk
I tried trawling through the code, but for once I wasn't able to figure out what the actual flow was so that I could track this down definitively.
Is the wiki page right, and we just thought we saw this but the behaviour was really caused by something else? Or is this an exception to the rule, intentional or otherwise?
Obviously this is not the kind of change that comes up very often, so it isn't a big deal either way. I just need to understand what is happening, if at all possible.
-- Ian
- restarting the IdP needed for change in trust roots?, Ian Young, 08/01/2006
- Re: restarting the IdP needed for change in trust roots?, Chad La Joie, 08/01/2006
- Re: restarting the IdP needed for change in trust roots?, Ian Young, 08/01/2006
- Re: restarting the IdP needed for change in trust roots?, Walter Hoehn, 08/01/2006
- Re: restarting the IdP needed for change in trust roots?, Ian Young, 08/03/2006
- Re: restarting the IdP needed for change in trust roots?, Chad La Joie, 08/01/2006
Archive powered by MHonArc 2.6.16.