Versions Compared

Old Version 1

changes.mady.by.user Paul Caskey (internet2.edu)

Saved on

compared with

New Version 2

changes.mady.by.user Paul Caskey (internet2.edu)

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

https://spaces.at.internet2.edu/pages/viewpage.action?pageId=115180856


Config Contributions

Code Block
languagexml
titleFor IdP 3.3.x
collapsetrue
Change in general-authn.xml--
Add new 2fa supported principal to both authn/Duo, and authn/MFA:
<bean parent="shibboleth.SAML2AuthnContextClassRef" c:classRef="https://refeds.org/profile/mfa" />

...and then just add a release rule.
<afp:AttributeFilterPolicy id="Incommon_Certmanager">     
  <afp:PolicyRequirementRule xsi:type="basic:AttributeRequesterString" value="https://cert-manager.com/shibboleth" />
  <afp:AttributeRule attributeID="email">
    <afp:PermitValueRule xsi:type="basic:ANY" />
  </afp:AttributeRule>
  <afp:AttributeRule attributeID="givenName">
    <afp:PermitValueRule xsi:type="basic:ANY" />
  </afp:AttributeRule>
  <afp:AttributeRule attributeID="surname">
    <afp:PermitValueRule xsi:type="basic:ANY" />
  </afp:AttributeRule>       
  <afp:AttributeRule attributeID="eduPersonPrincipalName">
    <afp:PermitValueRule xsi:type="basic:ANY" />
  </afp:AttributeRule>
</afp:AttributeFilterPolicy>