ConsentConfiguration , consent intercept not showing up in IDP v4.1

Wed Jun 9 16:37:16 UTC 2021

Hello, I followed doc 
https://wiki.shibboleth.net/confluence/display/IDP4/ConsentConfiguration

but my IDP still don't show the intercept of attribute consent, I get to 
a test SP (attribute-viewer)  without beeing ask to consent attributs 
(and I do see attributes on the SP !)

here's what I did :

1) enabled the module : |bin/module.sh -e idp.intercept.Consent|

2) set consent properties in idp.properties :

idp.consent.allowGlobal = true
idp.consent.allowPerAttribute = true

+ storage

idp.consent.StorageService = shibboleth.ClientPersistentStorageService

idp.consent.maxStoredRecords = 10

3) configured (example)  messages in /messages/messages.properties/

|my-terms = my-tou|
|my-tou.title = Example Terms of Use|
|my-tou.text = This is an example Terms of Use|

4) Using One Terms of Use Message for Every Relying Party 
|/conf/intercept/consent-intercept-config.xml/|

|<bean id=||"shibboleth.consent.terms-of-use.Key"| 
|parent=||"shibboleth.Functions.Constant"||>|
|||<constructor-arg value=||"my-terms"||/>|
|</bean>|
|+|
|<util:set id="shibboleth.consent.attribute-release.PromptedAttributeIDs">
         <value>mail</value>
     </util:set>
|

|5) |Enabling Terms Of Use Intercept Flow /conf/relying-party.xml/.

/
                 
                 <bean parent="SAML2.SSO" p:postAuthenticationFlows="#{ 
{'terms-of-use', 'attribute-release'} }" />/
not sure of that one ...?

7) after all these configurations, I stoped tomcat, rebuild idp.war 
(shibboleth-idp]# ./bin/build.sh  => Installation Directory: 
[/opt/shibboleth-idp] ) , restart tomcat

but still , no attribute release Intercept consent appears  .

did I missed something ?

thanks .

|//|

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://shibboleth.net/pipermail/users/attachments/20210609/39392768/attachment.htm>