You should ensure that your SP's copy of the MIT metadata is kept up to date. The current metadata is available in http://web.mit.edu/touchstone/shibboleth/config/metadata/MIT-metadata.xml.

If you run version 2 or higher of the SP (as is strongly recommended, since version 1.3 will not be supported beyond June 30, 2010), then the SP can and should be configured to refresh its copy of the metdata automatically. (If you use the gen-shib2.sh script and template files in http://web.mit.edu/touchstone/config/shibboleth2-sp/ to configure your 2.x SP, this will be done for you).

Otherwise, you must deploy a cron job which runs a script to download and install the latest metadata. A sample of such a script is available in http://web.mit.edu/touchstone/shibboleth/config/metadata/update-metadata.sh-example. Adjust it as necessary for your installation; in particular, if you did not install from the stock RPMs from Internet2, you will need to adjust the setting for the Shibboleth etc directory at the top of the script.   The cron job should be run at least once per day.

The Shibboleth SP software detects and loads the updated metadata automatically; there is no need to restart the web server or shibd.

  • No labels