Rozdiely

Tu môžete vidieť rozdiely medzi vybranou verziou a aktuálnou verziou danej stránky.

Odkaz na tento prehľad zmien

Obojstranná predošlá revízia Predchádzajúca revízia
Nasledujúca revízia 		Predchádzajúca revízia
install:idp:idp:attribute-filter [25. 11. 2022 11:15]
mstanislav@umb.sk 		install:idp:idp:attribute-filter [07. 02. 2023 09:37] (aktuálne)
mstanislav@umb.sk
Riadok 18: Riadok 18:
       <AttributeRule attributeID="cn" permitAny="true" />       <AttributeRule attributeID="cn" permitAny="true" />
       <AttributeRule attributeID="mail" permitAny="true" />       <AttributeRule attributeID="mail" permitAny="true" />
 +      <AttributeRule attributeID="eduPersonAssurance" permitAny="true" />
       <AttributeRule attributeID="eduPersonAffiliation" permitAny="true" />       <AttributeRule attributeID="eduPersonAffiliation" permitAny="true" />
       <AttributeRule attributeID="eduPersonPrincipalName" permitAny="true" />       <AttributeRule attributeID="eduPersonPrincipalName" permitAny="true" />
Riadok 75: Riadok 76:
         NameID is recommended, though. As is releasing givenName+sn         NameID is recommended, though. As is releasing givenName+sn
         in addition to displayName, to help with interoperability. -->         in addition to displayName, to help with interoperability. -->
 +      <AttributeRule attributeID="eduPersonAssurance" permitAny="true" />
       <AttributeRule attributeID="eduPersonPrincipalName" permitAny="true" />       <AttributeRule attributeID="eduPersonPrincipalName" permitAny="true" />
       <AttributeRule attributeID="eduPersonTargetedID" permitAny="true" />       <AttributeRule attributeID="eduPersonTargetedID" permitAny="true" />
Riadok 96: Riadok 98:
     </AttributeFilterPolicy>     </AttributeFilterPolicy>
  
-    <!-- GEANT & REFEDS Data protection Code of Conduct -->+    <!-- GEANT Data protection Code of Conduct or REFEDS Data Protection Code of Conduct Entity Category -->
     <!-- Release data to EU/EEA/Adequate CoCo-SPs, based on RequestedAttributes in SAML metadata -->     <!-- Release data to EU/EEA/Adequate CoCo-SPs, based on RequestedAttributes in SAML metadata -->
     <AttributeFilterPolicy id="GeantEEADataProtectionCodeOfConduct">     <AttributeFilterPolicy id="GeantEEADataProtectionCodeOfConduct">
Riadok 121: Riadok 123:
         </AttributeRule>         </AttributeRule>
         <AttributeRule attributeID="mail">         <AttributeRule attributeID="mail">
 +            <PermitValueRule xsi:type="AttributeInMetadata" onlyIfRequired="true" />
 +        </AttributeRule>
 +        <AttributeRule attributeID="eduPersonAssurance">
             <PermitValueRule xsi:type="AttributeInMetadata" onlyIfRequired="true" />             <PermitValueRule xsi:type="AttributeInMetadata" onlyIfRequired="true" />
         </AttributeRule>         </AttributeRule>
Riadok 204: Riadok 209:
     </AttributeFilterPolicy>     </AttributeFilterPolicy>
  
-    <!--  Release the transient ID to anyone -->+    <!--  transient ID release is enabled by default  --> 
 +    <!--
     <AttributeFilterPolicy id="releaseTransientIdToAnyone">     <AttributeFilterPolicy id="releaseTransientIdToAnyone">
         <PolicyRequirementRule xsi:type="ANY" />         <PolicyRequirementRule xsi:type="ANY" />
Riadok 212: Riadok 218:
         </AttributeRule>         </AttributeRule>
     </AttributeFilterPolicy>     </AttributeFilterPolicy>
-    +    --> 
 </AttributeFilterPolicyGroup> </AttributeFilterPolicyGroup>
 </code> </code>
  • install/idp/idp/attribute-filter.1669371326
  • Posledná úprava: 25. 11. 2022 11:15