...
The federation, however, does provide an explicit statement that associates the IAQs an IdP has been certified for in its metadata. The mechanism for this is described in Assurance Technical Implementation IssuesConsiderations.
Can I discovery what IAQs an IdP supports?
...
- Edit the SP's attribute-map.xml configuration file. Add the following new element to the config:
This corresponds to theCode Block xml xml <Attribute name="urn:oasis:names:tc:SAML:attribute:assurance-certification" id="assurance-certification"/>
<saml:Attribute>
element in the IdP's metadata. - Edit the SP's shibboleth2.xml configuration file. Add the following attribute to the
<ApplicationDefaults>
element:
You will now have anCode Block xml xml metadataAttributePrefix="Meta-"
<ApplicationDefaults>
element with (more or less) the following:Code Block xml xml <ApplicationDefaults id="default" policyId="default" entityID="https://example.org/shibboleth" REMOTE_USER="persistent-id targeted-id eppn" metadataAttributePrefix="Meta-">
...