Why shibboleth IdP idp-metadata.xml recommends 8443 for SOAP?

Posted by toma on Server Fault See other posts from Server Fault or by toma
Published on 2014-06-03T15:23:23Z Indexed on 2014/06/03 15:28 UTC
Read the original article Hit count: 244

Filed under:

shibboleth

|

metadata

After the install.sh of 2.4.0 Shibboleth Identity Server, the idp-metadata.xml file is created. Why is that? Is not enough secure to use the standard HTTPS/443 port?

    <ArtifactResolutionService Binding="urn:oasis:names:tc:SAML:1.0:bindings:SOAP-binding" Location="https://idp.example.com:8443/idp/profile/SAML1/SOAP/ArtifactResolution" index="1"/>
    <ArtifactResolutionService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://idp.example.com:8443/idp/profile/SAML2/SOAP/ArtifactResolution" index="2"/>
    <SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://idp.example.com:8443/idp/profile/SAML2/SOAP/SLO" />
    <AttributeService Binding="urn:oasis:names:tc:SAML:1.0:bindings:SOAP-binding" Location="https://idp.example.com:8443/idp/profile/SAML1/SOAP/AttributeQuery"/>
    <AttributeService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://idp.example.com:8443/idp/profile/SAML2/SOAP/AttributeQuery"/>

Thanks,

Tamas

© Server Fault or respective owner

Related posts about shibboleth

Shibboleth: found encrypted assertions, but no CredentialResolver was available

as seen on Server Fault - Search for 'Server Fault'
I've gotten a Shibboleth Server Provider (SP) up and running, and I'm using the TestShib Identity Provider (IdP) for testing. The configuration appears to be all correct, and when I requested my secured directory I was sent to the IdP where I logged in and then was sent back to https://example.org/Shibboleth… >>> More
Setting up Shibboleth to secure part of a website

as seen on Server Fault - Search for 'Server Fault'
I've installed the Shibboleth module for apache on Ubuntu 10.04 using aptitude to install libapache2-mod-shib2 as per https://groups.google.com/group/shibboleth-users/browse_thread/thread/9fca3b2af04d5ca8?pli=1 and enabled the module (I have checked in /etc/apache2/mods-enabled) I then proceeded… >>> More
Shibboleth + IIS and Pound Reverse Proxy

as seen on Server Fault - Search for 'Server Fault'
Having a bit of a problem getting Shibboleth (SSO) working with ADFS and Pound. The main problem seems to be that: The website address will be https://website.domain.com Pound will then terminate the SSL and forward the traffic to the webserver on a different port (http://server.domain.com:8888) I… >>> More
Integrating iPhone Application with Shibboleth

as seen on Stack Overflow - Search for 'Stack Overflow'
Has anyone integrated an iPhone application with a Shibboleth Identity Provider? Googling did not come up with anything so I am asking the gurus directly. If it has not been previously dones, is it feasible to do so? >>> More
Good Shibboleth tutorials our there?

as seen on Server Fault - Search for 'Server Fault'
I am looking into using Shibboleth for authentication of webapplications at my organisation. I am very new to this subject and would like to read through some good tutorials, hands-on-lessons or whatever is out there to help newbies getting to know Shibboleth. But so far I have not been able to find… >>> More

Related posts about metadata

Storing SCA Metadata in the Oracle Metadata Services Repository by Nicolás Fonnegra Martinez and Markus Lohn

as seen on Oracle Blogs - Search for 'Oracle Blogs'
The advantages of using the Oracle Metadata Services Repository as a central storage for the metadata. SCA has been available since the release of the Oracle SOA Suite 11g. This technology combines and orchestrates several SOA components inside an SCA composite, making design, development… >>> More
Logical Domain Modeling Made Simple

as seen on Oracle Blogs - Search for 'Oracle Blogs'
How can logical domain modeling be made simple and collaborative? Many non-technical end-users, managers and business domain experts find it difficult to understand the visual models offered by many UML tools. This creates trouble in capturing and verifying the information that goes into a logical… >>> More
Error starting modern compiler

as seen on Stack Overflow - Search for 'Stack Overflow'
In my servlet , I m using Tomcat 5.0 and JRE is 1.5.0 but it is giving error when I click on the URL . As when I created a war file of my project and deployed in tomcat than it is working fine . It means that only problem with my eclipse configuration ERROR IS : - Apr 5, 2010 3:20:22 PM org.apache… >>> More
How to remove Thumbnail property of a JPEG image without distrubing other Exif data in C ++ .net.

as seen on Stack Overflow - Search for 'Stack Overflow'
I have an application which edits the metadata part of the JPEG image. I have to remove the thumbnail metadata with out disturbing other metadata. I have tried out the code below but was not successful in removing thumbnail metadata. can some help me out in solving this query thanks in advance. array<String^>^… >>> More
Ask Tom: "On Constraints, Metadata, and Truth"

as seen on Oracle Technology Network - Search for 'Oracle Technology Network'
Our technologist uses constraints to improve query performance. >>> More