Development #754
Declare attribute policy from attribute-filter.xml Shib files
Début:
12 octobre 2011
Echéance:
% réalisé:
0%
Temps estimé:
Patch proposed:
Planning:
Historique
Mis à jour par Benjamin Dauvergne il y a environ 9 ans
- Statut changé de Nouveau à Solution déployée
- Assigné à changé de Mikaël Ates à Benjamin Dauvergne
commit 55681a461eff685aae8171a812eb526cd0de59d5
Author: Benjamin Dauvergne <bdauvergne@entrouvert.com>
Date: Thu Nov 6 12:16:29 2014 +0100
Add 2 new options to sync-metadata for loading Shibboleth attribute filter policies
--reset-attributes When loading shibboleth attribute filter policies,
start by removing all existing SAML attributes for
each provider
--shibboleth-attribute-filter-policy=ATTRIBUTE-FILTER-POLICY
Path to a file containing an Attribute Filter Policy
for the Shibboleth IdP, that will be used to configure
SAML attributes for each provider. The following
schema is supported: <AttributeFilterPolicy
id="<whatever>"> <PolicyRequirementRule
xsi:type="basic:AttributeRequesterString"
value="<entityID>" > [
<AttributeRule attributeID="<attribute-name>">
<PermitValueRule xsi:type="basic:ANY"/>
</AttributeRule> ]*
</AttributeFilterPolicy> Any other kind of attribute
filter policy is unsupported.
The SAML attributes created use the LDAP profile i.e. name format is URI and
name contains the OID of the corresponding attribute in its LDAP schema.
refs #5664
Mis à jour par Benjamin Dauvergne il y a environ 9 ans
- Statut changé de Solution déployée à Fermé