-
Notifications
You must be signed in to change notification settings - Fork 1
Adding New Validators
The validators to load are, by default, defined and configured in the upstream mda-validator project. The mda-validator is a Java micro-service to perform SAML metadata validation using the Shibboleth Metadata Aggregator (MDA) and is made available as a Docker Image. To create the Docker Image, the micro-service is compiled into a layered fat-jar which is unpacked into several directories by Spring Boot's layer tools; each directory is used to create an image layer in the mda-validator's final image. One of those directory layers, COPY --from=builder application/application/ ./, contains the /application/BOOT-INF/classes/ directory that includes both the Spring Boot properties file (application.properties) that lists the validators (validator.configurations) to use, as well as any validator XML Spring configuration files defined by the mda-validator project itself.
The Docker image for each of the individual testbed validators is built from the mda-validator image and ADDS new files from the testbed's validators/overlays/all directory (and subdirectories thereof) into the /application/BOOT-INF directory of the final image (overlays specific to 0.9.X and 0.10.X can be placed into the validators/overlays/09 and validators/overlays/010 respectively). In this way, you can add or replace validator configurations as well as the entire application.properties file.
To define a new validator, first, place a suitable Spring XML validator configuration file into the validators/overlays/all/classes project directory. For example validators/overlays/all/classes/new-validator.xml:
<?xml version="1.0" encoding="UTF-8"?>
<beans xmlns="http://www.springframework.org/schema/beans"
default-lazy-init="true"
xmlns:c="http://www.springframework.org/schema/c"
xmlns:p="http://www.springframework.org/schema/p"
xmlns:util="http://www.springframework.org/schema/util"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="
http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans.xsd
http://www.springframework.org/schema/util http://www.springframework.org/schema/util/spring-util.xsd">
<!-- *** Default Shibboleth component bean id property from Spring bean id *** -->
<bean class="net.shibboleth.shared.spring.config.IdentifiableBeanPostProcessor" lazy-init="false"/>
<bean id="id" parent="String" c:_="new"/>
<bean id="description" parent="String" c:_="New validator."/>
<bean id="pipeline" parent="mda.SimplePipeline">
<property name="stages">
<list>
ADD STAGES/TESTS HERE
</list>
</property>
</bean>
</beans>Note: If the validator's configuration is not compatible with version 0.9.0 of the MDA (e.g. class names etc.), you will need to place a complete, adjusted, validator configuration file into the overlay directory specific to V0.9.0 of the MDA i.e. validators/overlays/09/classes. The versioned overlays are layered on top of the all overlay in the validator's final Docker image.
Finally, create a new application.properties file in the validators/overlays/all/classes directory that references the new-validator.xml created above. For example, the entire application.properties file would look like this (remembering this will replace the base properties file in the mda-validator image, and so needs to define all required properties):
server.port=8080
spring.jackson.date-format=uk.org.iay.md.validator.RFC3339DateFormat
spring.jackson.serialization.WRITE_DATES_AS_TIMESTAMPS=false
# Common configuration shared across all validators.
validator.common = common-beans.xml
# Space-separated list of the validator configurations to load.
validator.configurations = default-validator.xml \
empty-validator.xml test/validator.xml new-validator.xml