thijskh
commented
5 years ago I'm a bit hesitant about this. There are infinitely many things one can configure in metadata. The generated metadata provides sane defaults, which directly relate to things that SSP actually knows/handles.
There's no requirement to use the generated metadata as-is. For advanced use cases it can be better to augment the generated metadata (eg with xslt) or to generate it separately from SSP. I'm worried about maintainability if we'd build ifs and config options for all kinds of possible things which are in essence not related to SSP itself.
tvdijen
MrDys
rajeshdnws
I have a rather complex setup using simpleSAMLphp to run a number of service providers. For regionalization reasons (thanks, GDPR), they all respond to the same entityID. My primary SP also includes the regional ACS endpoints so that folks at the various regions can be passed along appropriately.
I would like the ability to be able to configure certain parts of the SP metadata output (ACS endpoints, Single Logout Service location, etc.) from
config.php. Right now I am making these changes via patches tosimplesamlphp/modules/saml/www/sp/metadata.php, but that is fragile and doesn't let me configure on a per-SP basis.If I were to submit a PR that allowed for
config.phpcustomizability of these endpoints, would that be something the project would be interested in? Or, is there another way to accomplish what I need to do with the existing code?