...
- Release a fixed subset of the R&S attribute bundle (or the R&S bundle itself) to all R&S SPs
- Release a dynamic subset of the R&S attribute bundle to each R&S SP on an SP-by-SP basis
The Shibboleth IdP software supports the first option out-of-the-box. The second option requires a special plugin at the Shibboleth IdP.
| Tip | ||
|---|---|---|
| ||
More generally, an IdP may choose to release directory information to all SPs. |
Software Requirements
To release attributes to all R&S SPs with a single configurationIn either case, an IdP leverages entity attributes (instead of entity IDs) to support R&S. Thus the configuration steps documented here require Shibboleth IdP v2.3.4 or later, which fully supports using entity attributes in SP metadata as part of an attribute release filter policy. (No other IdP software is known to support entity attributes at this time.)
| Info | ||
|---|---|---|
| ||
For Shibboleth IdP v2IdPs prior to v2.3.4 (which was released on October 27, 2011. For IdPs prior to v2.3.4), InCommon provides an XSLT tool that filters InCommon metadata into an explicit |
...