Shibboleth Developers

[Walter Hoehn <>]

Hi Ian,

I'm quite surprised by this behavior, especially given that you've  
been able to successfully modify individual provider metadata  
elements.  There is no element-level caching of this information in  
the IdP at this point.  As a matter of fact, the refreshes are  
triggered by filesystem time-stamps, so there should be no difference  
based on what content you change.

Please do report if you can duplicate the problem.

-Walter


On Aug 1, 2006, at 8:00 AM, Ian Young wrote:

> We had some interesting behaviour the other day when adding a new  
> trust root to our federation metadata.
>
> We've always been able to avoid restarting IdPs when we made  
> changes to the entities in the metadata, but the observation was  
> that an addition to the list of KeyInfo elements in the  
> KeyAuthority extension didn't seem to be picked up until we  
> restarted our IdP.
>
> My recollection of what people have said before was that changes to  
> the metadata didn't require an IdP restart in 1.3.  This is backed  
> up by the wiki page:
>
> https://authdev.it.ohio-state.edu/twiki/bin/view/Shibboleth/ 
> IdPProductionConfiguration
>
> or
>
> http://tinyurl.com/l23vk
>
> I tried trawling through the code, but for once I wasn't able to  
> figure out what the actual flow was so that I could track this down  
> definitively.
>
> Is the wiki page right, and we just thought we saw this but the  
> behaviour was really caused by something else?  Or is this an  
> exception to the rule, intentional or otherwise?
>
> Obviously this is not the kind of change that comes up very often,  
> so it isn't a big deal either way.  I just need to understand what  
> is happening, if at all possible.
>
>         -- Ian