
Periodic Updating of Metadata

I know this topic has been discussed before, but outside of doing something very custom, is there any way to get NAM to do periodic updating/re-reading of SP metadata? I recently was setting up an SP and the vendor expires their metadata every hour! Every time you pull the metadata, the validTo timestamp is one hour in the future. Of course, I can just edit the metadata and do a manual text import, but I'm wondering if there is a more elegant way to just get NAM to refresh it now?

Matt 

  • 0

    Plus one for this. I have a client where 2 of their SPs update metadata daily. I see there is code on GitHub to do metadata/cert updates, but it is written for the Spring framework, so obviously it needs to be rewritten to work with the various NAM backend components.

  • 0

    I plan to have something created to do this in the next week or so. It will grab the metadata, verify the signature, and optionally check the version and expiration to see if an update is needed. The tricky part is that often metadata needs to be modified, so I plan to have the ability to configure a custom modifier class for each SP. The metadata will then be updated using the admin API and then the config will be refreshed. I'm thinking of making the refresh optional so that a notification can be sent to the admin instead. The question is, who is willing to pay for this functionality?
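
The update check outlined in the post above, as an added example that is not part of the thread, of NAM, or of the poster's planned tool: it compares the installed and freshly fetched SP metadata and decides whether to keep, refresh, or notify the admin. It assumes the XML signature was already verified with an XML-DSig library before this step and that the timestamp the thread calls validTo is the SAML `validUntil` attribute; the function names, the 15-minute margin and the sample metadata are constructed for illustration.

```python
import base64
import hashlib
import xml.etree.ElementTree as ET
from datetime import datetime, timedelta, timezone

NS = {"md": "urn:oasis:names:tc:SAML:2.0:metadata",
      "ds": "http://www.w3.org/2000/09/xmldsig#"}

def summarize(xml_text):
    """Return (entityID, validUntil or None, SHA-256 fingerprints of all certs)."""
    if "<!DOCTYPE" in xml_text:  # metadata never needs a DTD; refuse entity tricks
        raise ValueError("DOCTYPE not allowed in metadata")
    root = ET.fromstring(xml_text)
    if root.tag != "{%s}EntityDescriptor" % NS["md"]:
        raise ValueError("expected a single EntityDescriptor")
    valid_until = None
    if root.get("validUntil"):
        valid_until = datetime.fromisoformat(root.get("validUntil").replace("Z", "+00:00"))
        if valid_until.tzinfo is None:  # SAML times are UTC
            valid_until = valid_until.replace(tzinfo=timezone.utc)
    certs = set()
    for node in root.iterfind(".//md:KeyDescriptor//ds:X509Certificate", NS):
        der = base64.b64decode("".join((node.text or "").split()))
        certs.add(hashlib.sha256(der).hexdigest())
    return root.get("entityID"), valid_until, certs

def decide(installed_xml, fetched_xml, now, margin=timedelta(minutes=15)):
    """Return 'keep', 'refresh' or 'notify_admin' for one SP."""
    old_id, old_until, old_certs = summarize(installed_xml)
    new_id, new_until, new_certs = summarize(fetched_xml)
    if new_id != old_id:
        return "notify_admin"  # another entity is being served from this URL
    if new_until is not None and new_until <= now:
        return "notify_admin"  # fetched copy is already expired
    if new_certs != old_certs:
        return "notify_admin"  # key change: leave the trust decision to a person
    if old_until is not None and old_until - now <= margin:
        return "refresh"       # same entity, same keys, installed copy about to lapse
    return "keep"

def sample(valid_until, cert_b64, entity_id="https://sp.example.test/saml"):
    """Constructed SP metadata for the demo; not real vendor data."""
    return (f'<md:EntityDescriptor xmlns:md="{NS["md"]}" xmlns:ds="{NS["ds"]}" '
            f'entityID="{entity_id}" validUntil="{valid_until}"><md:SPSSODescriptor '
            'protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol">'
            '<md:KeyDescriptor use="signing"><ds:KeyInfo><ds:X509Data>'
            f'<ds:X509Certificate>{cert_b64}</ds:X509Certificate></ds:X509Data>'
            '</ds:KeyInfo></md:KeyDescriptor></md:SPSSODescriptor></md:EntityDescriptor>')
```

Only the "refresh" outcome is safe to apply unattended; an entityID or certificate change is routed to a person because it alters who the IdP trusts.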

  • 0 in reply to 

    Microfocus? Would save them putting into the roadmap, prioritizing it, scheduling and allocating dev resources, so would probably see it in AM 5.3... after all, still waiting for ACME certificate API support...

  • 0 in reply to 

    I'm having issues with corrupted keystores. Recovering from those is a major pain. It's taking longer to work through those issues than I'd like.

  • 0

    I encountered a situation where I had to set up a Service Provider (SP) integration with a vendor whose metadata expires every hour. To be more specific, the validTo timestamp in their metadata is set to one hour in the future. This creates a recurring need to update and refresh the metadata within NAM to ensure seamless and uninterrupted authentication and authorization processes.

  • 0

    I put this on the back burner and haven't gotten back to it. I still don't see the logic in expiring every hour. Anyone have an explanation?