Does the vendor require you to configure your IdP (CAS server) to obtain
the metadata from them dynamically? Or could you:

   1. Use curl to grab a copy of their metadata from
   https://vendor.com/metadata
   2. Edit the metadata yourself and get rid of the "validUntil" attribute
   3. Put the edited metadata on the CAS server somewhere (e.g.,
   /etc/cas/saml/sp-metadata/vendor.xml) and make sure it has the right
   owner/permissions so CAS can read it
   4. Change the "metadataLocation" field in your service registry entry to
   point at the file instead of the vendor's URL

Should work...

--Dave


--

DAVID A. CURRY, CISSP
*DIRECTOR OF INFORMATION SECURITY*
INFORMATION TECHNOLOGY

71 FIFTH AVE., 9TH FL., NEW YORK, NY 10003
+1 212 229-5300 x4728 • david.cu...@newschool.edu

[image: The New School]

On Tue, May 8, 2018 at 3:01 PM, John D Giotta <jdgio...@gmail.com> wrote:

> We're the identify provider and the vendor is the service provider.
>
> --
> - Website: https://apereo.github.io/cas
> - Gitter Chatroom: https://gitter.im/apereo/cas
> - List Guidelines: https://goo.gl/1VRrw7
> - Contributions: https://goo.gl/mh7qDG
> ---
> You received this message because you are subscribed to the Google Groups
> "CAS Community" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to cas-user+unsubscr...@apereo.org.
> To view this discussion on the web visit https://groups.google.com/a/
> apereo.org/d/msgid/cas-user/125fbfc6-d66b-46c8-8922-
> 069d914944c8%40apereo.org
> <https://groups.google.com/a/apereo.org/d/msgid/cas-user/125fbfc6-d66b-46c8-8922-069d914944c8%40apereo.org?utm_medium=email&utm_source=footer>
> .
>

-- 
- Website: https://apereo.github.io/cas
- Gitter Chatroom: https://gitter.im/apereo/cas
- List Guidelines: https://goo.gl/1VRrw7
- Contributions: https://goo.gl/mh7qDG
--- 
You received this message because you are subscribed to the Google Groups "CAS 
Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to cas-user+unsubscr...@apereo.org.
To view this discussion on the web visit 
https://groups.google.com/a/apereo.org/d/msgid/cas-user/CA%2Bd9XANQ8HduJbiC%3DJXz1PhMQ-_OL3bc601popa0q%2BM%2BSVerpA%40mail.gmail.com.

Reply via email to