Versions Compared

Old Version 79

changes.mady.by.user trscavo@internet2.edu

Saved on

compared with

New Version 80

changes.mady.by.user trscavo@internet2.edu

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

All R&S SPs in the InCommon Federation now meet the requirements of the international REFEDS Research & Scholarship Entity Category specification. More importantly, InCommon will soon begin importing the metadata of R&S SPs from other federations. Consequently, existing R&S IdP operators should begin thinking about their migration strategy to global R&S.

...

These two options are discussed in the following sections below.

Note
titleYour action is requested but NOT REQUIRED
Neither of the The actions documented here are required actionsNOT REQUIRED. If you choose to take no action, nothing will break. We do, however, strongly encourage you to perform exactly one of the actions documented on this page.

...

Code Block
languagexml
titleA Shib IdP V2 rule that releases attributes to ALL R&S SPs
<afp:PolicyRequirementRule xsi:type="saml:AttributeRequesterEntityAttributeExactMatch"
    attributeName="http://macedir.org/entity-category"
    attributeValue="http://refeds.org/category/research-and-scholarship"/>

Similarly, an An instance Shibboleth IdP V3 may be is configured as followssimilarly:

Code Block
languagexml
titleA Shib IdP V3 rule that releases attributes to ALL R&S SPs
<afp:PolicyRequirementRule xsi:type="saml:EntityAttributeExactMatch"
    attributeName="http://macedir.org/entity-category"
    attributeValue="http://refeds.org/category/research-and-scholarship"/>

...

Note
titleThe Registered By InCommon Category
A new entity category called the Registered by InCommon Category is being considered. The following configuration example illustrates how this category is intended to be used.

To support An IdP that supports R&S locally , an R&S IdP should be configured is configured with a policy rule that releases the R&S Attribute Bundle to R&S SPs registered by InCommon. To do this without relying on the legacy incommon.org R&S tag (a practice that is deprecated), an instance of Shibboleth IdP V2 leverages the Registered By InCommon Category as follows:

...

Code Block
languagexml
titleA Shib IdP V3 rule that releases attributes to R&S SPs registered by InCommon
<afp:PolicyRequirementRule xsi:type="basic:AND">
  <basic:Rule xsi:type="saml:EntityAttributeExactMatch"
      attributeName="http://macedir.org/entity-category"
      attributeValue="http://refeds.org/category/research-and-scholarship"/>
  <basic:Rule xsi:type="saml:RegistrationAuthority"
      registrars="https://incommon.org"/>
</afp:PolicyRequirementRule>

The Note that the registrars XML attribute takes a space-separated list of registrar IDs and therefore the previous configuration is most flexible.

...