1 files changed, 70 insertions, 0 deletions

diff --git a/conf-from-container/conf/authn/external-authn-config.xml b/conf-from-container/conf/authn/external-authn-config.xml
new file mode 100644
index 0000000..8b3a159
--- /dev/null
+++ b/conf-from-container/conf/authn/external-authn-config.xml
@@ -0,0 +1,70 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<beans xmlns="http://www.springframework.org/schema/beans"
+       xmlns:context="http://www.springframework.org/schema/context"
+       xmlns:util="http://www.springframework.org/schema/util"
+       xmlns:p="http://www.springframework.org/schema/p"
+       xmlns:c="http://www.springframework.org/schema/c"
+       xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+       xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans.xsd
+                           http://www.springframework.org/schema/context http://www.springframework.org/schema/context/spring-context.xsd
+                           http://www.springframework.org/schema/util http://www.springframework.org/schema/util/spring-util.xsd"
+                           
+       default-init-method="initialize"
+       default-destroy-method="destroy">
+
+    <!-- Servlet context-relative path to wherever your implementation lives. -->
+    <bean id="shibboleth.authn.External.externalAuthnPath" class="java.lang.String"
+        c:_0="contextRelative:Authn/External" />
+
+    <!--
+    Default is to always use the path in the bean above. If you want to determine it
+    dynamically, define a bean called "shibboleth.authn.External.externalAuthnPathStrategy"
+    of type Function<ProfileRequestContext,String> that returns the path to use.
+    -->
+
+    <!--
+    Add authentication flow descriptor's supportedPrincipals collection to the resulting Subject?
+    You would normally only unset this if you plan to return a fully decorated Java Subject from your
+    external authentication source.
+    -->
+    <util:constant id="shibboleth.authn.External.addDefaultPrincipals" static-field="java.lang.Boolean.TRUE" />
+
+    <!--
+    <bean id="shibboleth.authn.External.matchExpression" class="java.util.regex.Pattern" factory-method="compile"
+        c:_0="^(.+)@example\.edu]$" />
+    -->
+
+    <!--
+    Define entries here to map error messages returned by external modules and classify them as particular
+    kinds of errors for use in your templates and as events in flows.
+
+    Keys are events to signal, values are error codes.
+
+    The examples here just allow external signaling of the exact type of condition to record.
+    
+    If you want to "fall-through" to other login flows, include a mapping to "ReselectFlow".
+    -->
+    <util:map id="shibboleth.authn.External.ClassifiedMessageMap">
+        <entry key="UnknownUsername">
+            <list>
+                <value>UnknownUsername</value>
+            </list>
+        </entry>
+        <entry key="InvalidPassword">
+            <list>
+                <value>InvalidPassword</value>
+            </list>
+        </entry>
+        <entry key="ExpiredPassword">
+            <list>
+                <value>ExpiredPassword</value>
+            </list>
+        </entry>
+        <entry key="ExpiringPassword">
+            <list>
+                <value>ExpiringPassword</value>
+            </list>
+        </entry>
+    </util:map>
+    
+</beans>