shibboleth-dev - Metadata, SP elements, specifying requested elements
Subject: Shibboleth Developers
List archive
- From:
- To:
- Subject: Metadata, SP elements, specifying requested elements
- Date: Mon, 13 Nov 2006 11:10:30 -0500
I've been playing some with the AttributeConsumingService that is available within the SPSSODescriptor element, and beginning to wonder how tools such as WebShARPE could leverage this element...
Here's a sample that I've developed -- it contains three different AttributeConsumingService elements (which I've arbitrarily tagged as different Service Levels).
Is this how people were expecting that this element would be used?
<EntityDescriptor entityID="https://attribute-test.cis.brown.edu/shibboleth";>
<SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol">
<KeyDescriptor>
<ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#";>
<ds:KeyName>stc-test8.cis.brown.edu</ds:KeyName>
</ds:KeyInfo>
</KeyDescriptor>
<NameIDFormat>urn:mace:shibboleth:1.0:nameIdentifier</NameIDFormat>
<AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://stc-test8.cis.brown.edu/Shibboleth.sso/SAML/POST"; index="0"/>
<AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:artifact-01" Location="https://stc-test8.cis.brown.edu/Shibboleth.sso/SAML/Artifact"; index="1"/>
<AttributeConsumingService index="0" isDefault="true" >
<ServiceName xml:lang="en">Shibboleth Wiki - Bronze Level</ServiceName>
<ServiceDescription xml:lang="en">Wiki containing Shibboleth support and documentation materials</ServiceDescription>
<RequestedAttribute Name="urn:mace:dir:attribute-def:eduPersonEntitlement" NameFormat="urn:mace:shibboleth:1.0:attributeNamespace:uri"
FriendlyName="eduPersonEntitlement" isRequired="true">
<AttributeValue xmlns="urn:oasis:names:tc:SAML:2.0:assertion">foo</AttributeValue>
</RequestedAttribute>
</AttributeConsumingService>
<AttributeConsumingService index="0" >
<ServiceName xml:lang="en">Shibboleth Wiki - Silver Level</ServiceName>
<ServiceDescription xml:lang="en">Wiki containing Shibboleth support and documentation materials</ServiceDescription>
<RequestedAttribute Name="urn:mace:dir:attribute-def:eduPersonPrincipalName" NameFormat="urn:mace:shibboleth:1.0:attributeNamespace:uri"
FriendlyName="eduPersonPrincipalName" isRequired="true"/>
</AttributeConsumingService>
<AttributeConsumingService index="0" >
<ServiceName xml:lang="en">Shibboleth Wiki - Gold level</ServiceName>
<ServiceDescription xml:lang="en">Wiki containing Shibboleth support and documentation materials</ServiceDescription>
<RequestedAttribute Name="urn:mace:dir:attribute-def:eduPersonPrincipalName" NameFormat="urn:mace:shibboleth:1.0:attributeNamespace:uri"
FriendlyName="eduPersonPrincipalName" isRequired="true"/>
<RequestedAttribute Name="urn:mace:dir:attribute-def:email" NameFormat="urn:mace:shibboleth:1.0:attributeNamespace:uri"
FriendlyName="email" isRequired="true"/>
</AttributeConsumingService>
</SPSSODescriptor>
</EntityDescriptor>
- Metadata, SP elements, specifying requested elements, Steven_Carmody, 11/13/2006
- RE: Metadata, SP elements, specifying requested elements, Scott Cantor, 11/13/2006
Archive powered by MHonArc 2.6.16.