Relying Party Access Control (by Group)
cantor.2 at osu.edu
Mon May 2 17:27:29 EDT 2016
> I am trying to transition our remaining AD FS profiles over to Shibboleth (IDP
> 3). I am having an issue with one though - the particular SP is limited to
> specific users, based on AD group membership. I can't see to find docs on
> how to implement this is in Shibboleth. Can someone please point me in the
> right direction?
We don't generally consider that a function of the IdP, authz is up to the SP, with the IdP supplying the groups as attributes.
If you must, see .
More information about the users