John Dennis wrote:
It's been a while since I've used admin web interface and it looks like things have changed a bit. I thought one of the data items we used to show on the saml2 sp page (the page which shows an individual sp configuration) was the metadata for the sp but metadata isn't shown. Why?
While debugging the rippowan demo I was pretty sure either the metadata for the keystone SP was missing or wasn't complete. The only way I could confirm this was by using the sqlite command line tool to examine the sqlite databases in /var/lib/ipsilon/idp. Hardly a friendly or efficient way to be able to examine the metadata for a configured SP.
Also, I couldn't find the code that populates the SP configuration page, where is it?
Anyway, the metadata used in the demo is missing an AssertionConsumerService which is one of the reasons ECP with keystoneclient isn't working.
So if I were an Ipsilon admin how could I identify and fix this problem using the web interface?
Well, you can't fix the SP metadata from the IdP anyway, just examine it right?
There is a ticket for being able to replace the metadata on an existing SP which will allow one to both view and replace it.
The SP configuration page is a template, templates/admin/option_config.html
The types are defined in the ServiceProvider class in ipsilon/providers/saml2/provider.py
rob