Evolving Attribute Release Policies for campuses

Cantor, Scott cantor.2 at osu.edu
Thu Apr 7 11:24:12 EDT 2016

> Couldn't you get this behavior, though, by setting your attribute filter
> configuration for R&S category SPs to only release if the attribute was
> requested in metadata? And optionally if no requested attributes are in
> metadata for that SP?

Yes, allowing for all the complexities of mapping between SAML attributes and the IdP's attriubutes, but that's not consent/overrideable.

> It wouldn't handle the required/optional piece as I already pointed out, but it
> would at least honor requested attributes.

You can honor isRequired in the filter policy if you want.

-- Scott

More information about the users mailing list