New CAS metadata support in 3.4
Paul B. Henson
henson at cpp.edu
Tue Nov 27 00:00:56 EST 2018
On Tue, Nov 27, 2018 at 02:40:39AM +0000, Cantor, Scott wrote:
> > > Intuitively I expected the release policy to match on the defined
> > > exact entityid.
>
> Yes, I think it should.
Hmm, so this is perhaps a bug? Anything else I can do or test to verify?
> The AffiliateMember has to be the entityID of the member SP, which
> doesn't seem to be what you put in there. That still might not work if
I'm not quite following. I guess I thought the AffiliationDescriptor was
added to the entry for the SP you wanted to belong to the group, but it
sounds like you actually create a completely new EntityDescriptor entry
whose name is the group you're creating?
So something like:
<EntityDescriptor entityID="cas-calstateEduPersonEmplID">
<AffiliationDescriptor affiliationOwnerID="https://www.cpp.edu">
<AffiliateMember>https://proxy.library.cpp.edu/</AffiliateMember>
</AffiliationDescriptor>
</EntityDescriptor>
But then you say that still won't work because the requesting entityid will
be the CAS service URL rather than the CAS metadata entityid... Yep, I
tried it, the policy still didn't activate.
--
Paul B. Henson | (909) 979-6361 | http://www.cpp.edu/~henson/
Operating Systems and Network Analyst | henson at cpp.edu
California State Polytechnic University | Pomona CA 91768
More information about the users
mailing list