Dies ist eine alte Version des Dokuments!

Anbindung Identity Provider an das DFN edu-ID System

Attributfreigabe

Folgende Attribute müssen - sofern verfügbar - für die SP-Komponente des edu-ID-System freigegeben werden:

./conf/attribute-filter.xml
    <AttributeFilterPolicy id="eduid_proxy">
        <PolicyRequirementRule xsi:type="EntityAttributeExactMatch"
                          attributeName="http://macedir.org/entity-category"
                          attributeValue="http://aai.dfn.de/category/dfn-edu-id" />
        <AttributeRule attributeID="eduPersonAffiliation"          permitAny="true" />
        <AttributeRule attributeID="samlPairwiseID"                permitAny="true" />
        <AttributeRule attributeID="givenName"                     permitAny="true" />
        <AttributeRule attributeID="sn"                            permitAny="true" />
        <AttributeRule attributeID="displayName"                   permitAny="true" />
        <AttributeRule attributeID="mail"                          permitAny="true" />
        <AttributeRule attributeID="schacHomeOrganization"         permitAny="true" />
        <AttributeRule attributeID="schacCountryOfResidence"       permitAny="true" />
        <AttributeRule attributeID="schacPlaceOfBirth"             permitAny="true" />
        <AttributeRule attributeID="schacDateOfBirth"              permitAny="true" />
        <AttributeRule attributeID="eduPersonAssurance"            permitAny="true" />
        <AttributeRule attributeID="homePostalAddress"             permitAny="true" />
        <!-- optionale Attribute: -->
        <AttributeRule attributeID="schacPersonalUniqueCode"       permitAny="true" />
        <AttributeRule attributeID="eduPersonEntitlement"          permitAny="true" />
        <AttributeRule attributeID="o"                             permitAny="true" />
        <AttributeRule attributeID="eduPersonOrcid"                permitAny="true" />
   </AttributeFilterPolicy>
  • Zuletzt geändert: vor 15 Monaten