Merge "Update Makefile Update metadata.yml with correct URL"
diff --git a/README.rst b/README.rst
index c079e06..daff9cb 100644
--- a/README.rst
+++ b/README.rst
@@ -43,3 +43,15 @@
aN5DvAdir7oYCpHwD5/WvHahUgsrtcz9s+pzRfiStvICVwqCsGquThZHe8YAgGpZ
04UU/56ncPbsHf5asS3DvfVGw==
-----END CERTIFICATE-----
+
+
+Shibboleth through HTTP proxy
+==============
+Sometimes there is needed to connect to IdP through HTTP proxy. This has to be done via adding TransportOption to MetadataProvider in Shibboleth2.xml configuration file.
+
+.. code-block:: yaml
+
+ shibboleth:
+ server:
+ enabled: true
+ proxy: http://10.10.10.12:8888
\ No newline at end of file
diff --git a/shibboleth/files/shibboleth2.xml b/shibboleth/files/shibboleth2.xml
index ad5554c..f900165 100644
--- a/shibboleth/files/shibboleth2.xml
+++ b/shibboleth/files/shibboleth2.xml
@@ -74,6 +74,9 @@
{%- if server.idp_certificate is defined %}
<MetadataFilter type="Signature" certificate="/etc/shibboleth/fedsigner.pem"/>
{%- endif %}
+ {%- if server.proxy is defined %}
+ <TransportOption provider="CURL" option="10004">"{{ server.proxy }}"</TransportOption>
+ {%- endif %}
</MetadataProvider>
<!-- Example of locally maintained metadata. -->