metadata-support - [Metadata-Support] disable verification of the backing file on the Shib SP
Subject: InCommon metadata support
List archive
- From: Tom Scavo <>
- To: "" <>
- Subject: [Metadata-Support] disable verification of the backing file on the Shib SP
- Date: Wed, 29 Jun 2016 14:21:06 -0400
Earlier, some of you reported a significant increase in startup time
at the SP once InCommon began importing eduGAIN metadata. This is due
to the time it takes to verify the signature on the metadata, which is
known to increase exponentially as the size of the metadata file
increases.
I am happy to report that today the Shibboleth Project announced
Shibboleth Service Provider V2.6.0, which addresses this issue. See
the SP Release Notes [1] for a brief explanation of the new
verifyBackup setting on the Signature MetadataFilter.
Basically, instead of this:
<MetadataFilter type="Signature" .../>
consider this:
<MetadataFilter type="Signature" verifyBackup="false" .../>
Followups to the Shibboleth users mailing list, please.
Tom
[1] https://wiki.shibboleth.net/confluence/x/QoFC
- [Metadata-Support] disable verification of the backing file on the Shib SP, Tom Scavo, 06/29/2016
Archive powered by MHonArc 2.6.16.