...

The federation, however, does publish an explicit statement in metadata that identifies the IAQs an IdP has been certified for. The mechanism for this is described in Assurance Technical Implementation Considerations.

Can I discover what IAQs an IdP supports?

...

  1. Edit the SP's attribute-map.xml configuration file. Add the following new element to the config:
    <Attribute
        name="urn:oasis:names:tc:SAML:attribute:assurance-certification"
        id="assurance-certification"/>
    
    This corresponds to the <saml:Attribute> element in the IdP's metadata.
  2. Edit the SP's shibboleth2.xml configuration file. Add the following attribute to the <ApplicationDefaults> element:
    metadataAttributePrefix="Meta-"
    
    You will now have an <ApplicationDefaults> element with (more or less) the following:
    <ApplicationDefaults
        id="default" policyId="default"
        entityID="https://example.org/shibboleth"
        REMOTE_USER="persistent-id targeted-id eppn"
        metadataAttributePrefix="Meta-">
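
With both edits in place, the SP exposes the IdP's certified IAQs to the protected application as a variable named with the prefix plus the attribute id, here `Meta-assurance-certification`. The following is an added example, not part of the original page or the Shibboleth project: a Python check an application could run on that variable before granting access. The IAQ URIs and the `SAMPLE_ENVIRON` contents are constructed placeholders, and the function names are hypothetical.

```python
import re

# Variable name = metadataAttributePrefix ("Meta-") + the id set in attribute-map.xml.
META_VAR = "Meta-assurance-certification"

# The Shibboleth SP joins multiple attribute values with ";" and escapes a
# literal semicolon inside a value as "\;", so split only on unescaped ones.
UNESCAPED_SEMICOLON = re.compile(r"(?<!\\);")


def certified_iaqs(environ):
    """Return the set of IAQ URIs the SP extracted from the IdP's metadata."""
    raw = environ.get(META_VAR, "")
    values = (v.replace("\\;", ";").strip() for v in UNESCAPED_SEMICOLON.split(raw))
    return {v for v in values if v}


def idp_is_certified_for(environ, required_iaq):
    """Exact-match check; a missing or empty variable fails closed."""
    return required_iaq in certified_iaqs(environ)


# Constructed sample of what a WSGI/CGI environment might contain.
# The URIs are placeholders, not real federation identifiers.
SAMPLE_ENVIRON = {
    "REMOTE_USER": "user@example.org",
    "Meta-assurance-certification": (
        "https://federation.example/assurance/level-a;"
        "https://federation.example/assurance/level-b"
    ),
}

if __name__ == "__main__":
    required = "https://federation.example/assurance/level-b"
    print("certified IAQs:", sorted(certified_iaqs(SAMPLE_ENVIRON)))
    print("meets requirement:", idp_is_certified_for(SAMPLE_ENVIRON, required))
    print("no metadata attribute:", idp_is_certified_for({}, required))
```

This value states what the IdP is certified for in metadata; it does not by itself say which IAQ applied to the current user's authentication.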
    

...