Data

Tools

Indexes

Applications

Experiments

Awesome

An open API service indexing awesome lists of open source software.

https://github.com/clarin-eric/saml_metadata_qa_validator

SAML metadata QA validator for the CLARIN Service Provider Federation. Checks for common weaknesses in Security Assertion Markup Language metadata. Currently focused on SAML metadata about Service Providers.
https://github.com/clarin-eric/saml_metadata_qa_validator

Last synced: 5 months ago
JSON representation

SAML metadata QA validator for the CLARIN Service Provider Federation. Checks for common weaknesses in Security Assertion Markup Language metadata. Currently focused on SAML metadata about Service Providers.

Awesome Lists containing this project

README 

          
= SAML metadata QA validator

:icons: font

:toc: right

:toclevels: 4

:sectnums:

:source-highlighter: pygments



An Apache Ant project in which ISO Schematron is used to validate SAML metadata about Service Providers, as published by the https://www.clarin.eu/spf[CLARIN Service Provider Federation].



The aim of this validation effort, beyond XML Schema (XSD), is that the SAML metadata XSDs have some weaknesses (e.g., regarding md:ContactPerson the element), and that validation beyond basic formal validity has proven indispensable for non-technical policy adherence and interoperability of SAML metadata across identity federations and SAML implementations.



== Requirements



* https://ant.apache.org/[Apache Ant 1.9.5 or higher];

* https://github.com/Schematron/schematron[An ISO Schematron implementation];

* Saxonica Saxon, e.g. https://sourceforge.net/projects/saxon/files/Saxon-HE/9.6/[SaxonHE9-6-0-10J]. Please note that newer versions of Saxon might cause problems.



== Running



. Clone the repository, `cd` to it:

. Run `ant -v -DinputFile=file:`



By default, if `-DinputFile=file:` is not specified, `ant -v` will assess the metadata quality of the https://raw.githubusercontent.com/clarin-eric/SPF-SPs-metadata/master/clarin-sp-metadata.xml[the main CLARIN SPF metadata file]. This default is defined in build.xml#L34[build.xml]



For a running example check https://github.com/clarin-eric/SPF-SPs-metadata/blob/master/CI-assets/compile.sh[how Travis CI deploys and runs it] on the https://github.com/clarin-eric/SPF-SPs-metadata[CLARIN SPF-SPs-metadata repository]



== Use cases



The SAML metadata QA validator is currently used by the CI system of the https://github.com/clarin-eric/SPF-SPs-metadata[CLARIN SPF-SPs-metadata repository] to automatically generate its https://clarin-eric.github.io/SPF-SPs-metadata/page/master_qa_report.html[QA assessment report] on every commit.



This aids CLARIN SP operators and managers, to access the quality and conformance of their metadata with the https://www.clarin.eu/content/guidelines-saml-metadata-about-your-sp[CLARIN SPF metadata guidelines], uppon submmition of their SAML metadata to the repository. It also helps the CLARIN SPF operators to make recomendations and acceptance decisions.



== Output



* A validation stylesheet based on the link:SAML_metadata_QA_validator.sch[Schematron QA validation suite].

* http://www.schematron.com/validators.html[SVRL reports] for the specified `inputFile`, or by default for https://raw.githubusercontent.com/clarin-eric/SPF-SPs-metadata/master/clarin-sp-metadata.xml[the main CLARIN SPF metadata file].

* Files in a simplified XML format (based on the SVRL reports) that can be processed and displayed by Google Sheets or by the https://clarin-eric.github.io/SPF-SPs-metadata/page/master_qa_report.html[QA assessment report page]. The https://clarin-eric.github.io/SPF-SPs-metadata/page/master_qa_report.html[QA assessment report page] presents the current version of output to human consumers. This page is made available to SP operators and other stakeholders.