configure SP for authentication and attribute retrieval
tmikk at umn.edu
Tue Sep 6 22:06:19 BST 2011
Thanks Scott. I take it that I can then ask the people who manage the IdP
to release some additional attributes for an existing entityID? Once they
are released I can make them available by configuring the attribute-map.xml
On Tue, Sep 6, 2011 at 3:57 PM, Cantor, Scott <cantor.2 at osu.edu> wrote:
> On 9/6/11 4:48 PM, "Tonu Mikk" <tmikk at umn.edu> wrote:
> >I would like to configure our SP for authentication and also attribute
> >retrieval. A user would authenticate and upon successful authentication
> >the web server would have access to some additional attributes.
> That's the standard approach and is "the normal way" of using the SP.
> >So far I have configured shibboleth2.xml and metadata file to work with
> >our IdP and provide authentication. I am now looking to configure these
> >two files so that I can retrieve attributes. Do I need to create a new
> >entity ID in order to retrieve attributes?
> No, you just need to configure the IdP to release the attributes you want
> or ask that it be done.
> >For metadata configuration I am referencing this guide:
> >aForSP-AssertionConsumerServices . I understand that I would need to
> >manually create entries like this in the metadata. How would I know the
> >Name and NameFormat that I would need to reference?
> All of that is largely irrelevant to initially testing out this kind of
> thing. The decision on what to release is generally the IdP's to make.
> More dynamic scenarios are far beyond what you want to deal with based on
> the questions you're asking.
> -- Scott
> To unsubscribe from this list send an email to
> users-unsubscribe at shibboleth.net
Disability Services, Office for Equity and Diversity
tmikk at umn.edu
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the users