
edugain-discuss - Re: [eduGAIN-discuss] Metadata Aggregator and Metadata ID for signing process

edugain-discuss AT lists.geant.org

Subject: An open discussion list for topics related to the eduGAIN interfederation service.

  • From: Ian Young <ian AT iay.org.uk>
  • To: Alejandro Lara <alara AT reuna.cl>
  • Cc: edugain-discuss AT geant.net
  • Subject: Re: [eduGAIN-discuss] Metadata Aggregator and Metadata ID for signing process
  • Date: Mon, 2 Sep 2013 15:42:26 +0100
  • Authentication-results: prod-mail.geant.net (amavisd-new); dkim=pass header.i= AT iay.org.uk
  • List-archive: <https://mail.geant.net/mailman/private/edugain-discuss/>
  • List-id: eduGAIN discussion list <edugain-discuss.geant.net>


On 2 Sep 2013, at 15:30, Alejandro Lara <alara AT reuna.cl> wrote:

> I'm deploying the metadata aggregator tool, in order to collect the edugain
> metadata and publish in our federation. I was trying to read it with a test
> IdP (shibboleth) but it misses the ID variable in the EntitiesDescriptor tag,
> leaving empty the URI variable in the Reference tag the signed metadata
> generated with metadata aggregator and that generates.
>
> How can I generate the ID variable in the collected metadata in order to
> sign this metadata with the ID as a reference? This is my first time using
> metadata aggregator tool.

Hi Alejandro,

There is a stage provided with the metadata aggregator that is designed to do
that for you (GenerateIdStage). Unfortunately if you're working from the
public distribution, there's a bug in an underlying library that causes
problems for that stage so you can't use it. The problems are fixed in the
subversion repository, though, so if you're working from a version you have
checked out from there you should be fine using it.

A simple alternative is to put a little XSLT transform stage in to add the ID
attribute. That's actually what I use in the UKf setup, as I wanted a
timestamp in there rather than a random identifier.

There was a discussion in shibboleth-users about this a couple of months
back, with example code. Let me know if you need any additional help (I'm
the developer, as well as using it in the UKf).

-- Ian
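
Added example, not part of the original message and not the aggregator's own code: the timestamp-based ID stamping that Ian describes doing with an XSLT stage is shown here in Python instead, together with a post-signing check for the symptom Alejandro reports (no ID on EntitiesDescriptor, empty URI in the Reference). The `md` ID prefix, the function names and the sample documents are constructed for illustration; the check inspects structure only and does not validate the signature.

```python
import re
import xml.etree.ElementTree as ET
from datetime import datetime, timezone

MD = "urn:oasis:names:tc:SAML:2.0:metadata"
DS = "http://www.w3.org/2000/09/xmldsig#"
NCNAME = re.compile(r"^[A-Za-z_][A-Za-z0-9._-]*$")  # ASCII subset of xs:ID

def stamp_id(root, now, prefix="md"):
    """Pre-signing step: give the root a timestamp-based ID if it has none.
    `now` is assumed to be a UTC datetime; `prefix` keeps the value a valid name."""
    if root.get("ID") is None:
        root.set("ID", prefix + now.strftime("%Y%m%dT%H%M%SZ"))
    return root.get("ID")

def check_signed_root(root):
    """Post-signing check: return a list of problems (empty list means OK)."""
    problems = []
    if root.tag != f"{{{MD}}}EntitiesDescriptor":
        problems.append("root is not md:EntitiesDescriptor")
    ident = root.get("ID")
    if ident is None:
        problems.append("root has no ID attribute")
    elif not NCNAME.match(ident):
        problems.append("ID is not a valid XML name: " + ident)
    refs = root.findall(f"{{{DS}}}Signature/{{{DS}}}SignedInfo/{{{DS}}}Reference")
    if len(refs) != 1:
        problems.append(f"expected one ds:Reference, found {len(refs)}")
    for ref in refs:
        uri = ref.get("URI")
        if not uri:
            problems.append("ds:Reference URI is empty")
        elif ident is not None and uri != "#" + ident:
            problems.append(f"ds:Reference URI {uri} does not point at ID {ident}")
    return problems

def sample(id_attr, uri):
    """Constructed sample: signature skeleton only, no digest or key material."""
    return ET.fromstring(
        f'<md:EntitiesDescriptor xmlns:md="{MD}" xmlns:ds="{DS}"{id_attr}>'
        f'<ds:Signature><ds:SignedInfo><ds:Reference URI="{uri}"/>'
        f'</ds:SignedInfo></ds:Signature></md:EntitiesDescriptor>')

if __name__ == "__main__":
    unsigned = ET.fromstring(f'<md:EntitiesDescriptor xmlns:md="{MD}"/>')
    print(stamp_id(unsigned, datetime.now(timezone.utc)))
    print(check_signed_root(sample("", "")))  # the symptom reported in the thread
    print(check_signed_root(sample(' ID="md20130902T144226Z"', "#md20130902T144226Z")))
```

The ID has to be stamped before the signing stage runs, since changing the root element afterwards invalidates the signature.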


