Merge pull request #33 from dBucik/saml_metadata_checks

Saml metadata checks
2021-11-09 11:27:01 +01:00 · 2021-11-09 11:27:01 +01:00 · d5079cfe97
parent 0e58108645 e15dadc95a
commit d5079cfe97
2 changed files with 6 additions and 3 deletions
--- a/perun-oidc-server-webapp/src/main/webapp/WEB-INF/user-context.xml
+++ b/perun-oidc-server-webapp/src/main/webapp/WEB-INF/user-context.xml
@ -561,8 +561,8 @@

 	<bean id="metadata" class="org.springframework.security.saml.metadata.CachingMetadataManager">
 		<property name="defaultIDP" value="${saml.idp.defaultIdpEntityId}"/>
-		<property name="refreshCheckInterval" value="60000"/>
-		<property name="refreshRequired" value="false"/>
+		<property name="refreshCheckInterval" value="3600000"/>
+		<property name="refreshRequired" value="true"/>
 		<constructor-arg name="providers">
 			<list>
 				<ref bean="idpMetadata"/>
--- a/perun-oidc-server/src/main/java/cz/muni/ics/oidc/saml/IdpMetadataBeans.java
+++ b/perun-oidc-server/src/main/java/cz/muni/ics/oidc/saml/IdpMetadataBeans.java
@ -38,7 +38,10 @@ public class IdpMetadataBeans {
            fsmp.setParserPool(parserPool);
            mp = fsmp;
        }
-        return new ExtendedMetadataDelegate(mp, extendedMetadata);
+        ExtendedMetadataDelegate emd = new ExtendedMetadataDelegate(mp, extendedMetadata);
+        emd.setMetadataRequireSignature(false);
+        emd.setMetadataTrustCheck(false);
+        return emd;
    }

 }