| Note | ||
|---|---|---|
| ||
Note that this page has been deprecated. The information it contains is no longer current. InCommon no longer certifies IdPs that release R&S attributes only locally, although some IdPs do still retain that legacy certification, so this document has been retained to illuminate the differences between global and InCommon-only R&S certifications. All IdPs are encouraged to certify for global R&S; see How to Apply for the Research and Scholarship (R&S) Entity Category for more information. |
Migrating an IdP to the Global Research & Scholarship Category
...
| Code Block | ||||
|---|---|---|---|---|
| ||||
<afp:PolicyRequirementRule xsi:type="basic:AND">
<basic:Rule xsi:type="saml:EntityAttributeExactMatch"
attributeName="http://macedir.org/entity-category"
attributeValue="http://refeds.org/category/research-and-scholarship"/>
<basic:Rule xsi:type="saml:RegistrationAuthority"
registrars="https://incommon.org"/>
</afp:PolicyRequirementRule> |
| Tip | ||
|---|---|---|
| ||
Note that the registrars XML attribute in the preceding example takes a space-separated list of registrar IDs |
...
| , which is most flexible. You could easily expand your attribute release policy by adding other registrar IDs to the list. |
For more information about configuring an IdP for R&S, consult the R&S IdP Config topic in the wiki.
...
As long as there are IdPs that want to restrict attribute release to R&S SPs registered by InCommon, the legacy incommon.org R&S tag will remain in IdP metadata. Note well: From a global perspective, you do not support R&S unless you recognize the refeds.org R&S entity attribute value in SP metadata.
When should I migrate to global R&S, that is, when should I reconfigure my IdP to release attributes to all R&S SPs globally?
...
If you don’t want to release attributes to R&S SPs from other federations, don’t change your attribute release policy to recognize the refeds.org R&S entity attribute value. Simply continue to recognize the legacy incommon.org R&S entity attribute value as you do now, or better yet, reconfigure your IdP to release attributes to R&S SPs registered by InCommon without relying on the legacy incommon.org R&S tag.
If I don’t release attributes to global R&S SPs, why do I have to touch my IdP config at all?
...
That said, we encourage you to reconfigure your IdP as documented. If you do, and we decide to remove the legacy incommon.org R&S tag from SP metadata at some later date, you’ll be all set. In any case, we won’t do anything without giving everyone ample lead time.