Unterschiede
Hier werden die Unterschiede zwischen zwei Versionen angezeigt.
Beide Seiten der vorigen Revision Vorhergehende Überarbeitung Nächste Überarbeitung | Vorhergehende Überarbeitung | ||
de:shibidp3consent_dsgvo_attribute_release [2019/01/21 16:57] – Wolfgang Pempe | de:shibidp:config-consent-dsgvo-attribute-release [2022/05/02 14:51] (aktuell) – Wolfgang Pempe | ||
---|---|---|---|
Zeile 1: | Zeile 1: | ||
====== Beispiel für eine EU-DSGVO-konforme Konfiguration des User Consent Moduls - Attribute Release Templates ====== | ====== Beispiel für eine EU-DSGVO-konforme Konfiguration des User Consent Moduls - Attribute Release Templates ====== | ||
- | **[[de:shibidp3consent_dsgvo|Zurück zur Hauptseite]]** | + | **[[de:shibidp: |
**Anmerkungen: | **Anmerkungen: | ||
- | * Die hier aufgelisteten Varianten beziehen sich auf die Lösungsmodelle aus der Präsentation [[https://www.dfn.de/ | + | * Die hier aufgelisteten Varianten beziehen sich auf die Lösungsmodelle aus der Präsentation [[https://www2.dfn.de/ |
- | * Sollen zusätzlich zu Variante 1 weitere Lösungsmodelle implementiert werden, müssen spezifische Interceptor Flows definiert werden. Siehe hierzu auf der [[de:shibidp3consent_dsgvo|Hauptseite]]. | + | * Sollen zusätzlich zu Variante 1 weitere Lösungsmodelle implementiert werden, müssen spezifische Interceptor Flows definiert werden. Siehe hierzu auf der [[de:shibidp: |
- | * Die u.g. Beispiele erfordern entsprechend angepasste Message Properties. Siehe hierzu auf der [[de:shibidp3consent_dsgvo|Hauptseite]]. | + | * Die u.g. Beispiele erfordern entsprechend angepasste Message Properties. Siehe hierzu auf der [[de:shibidp: |
===== Variante 1: Einwilligung ===== | ===== Variante 1: Einwilligung ===== | ||
**Freiwilligkeit, | **Freiwilligkeit, | ||
+ | ==== Shib IdP 4.0.x ==== | ||
<file xml ./ | <file xml ./ | ||
## | ## | ||
Zeile 19: | Zeile 20: | ||
## attributeReleaseFlowDescriptor - attribute consent flow descriptor | ## attributeReleaseFlowDescriptor - attribute consent flow descriptor | ||
## attributeDisplayNameFunction - function to display attribute name | ## attributeDisplayNameFunction - function to display attribute name | ||
+ | ## attributeDisplayDescriptionFunction - function to display attribute description | ||
## consentContext - context representing the state of a consent flow | ## consentContext - context representing the state of a consent flow | ||
## encoder - HTMLEncoder class | ## encoder - HTMLEncoder class | ||
Zeile 35: | Zeile 37: | ||
#set ($rpOrganizationLogo = $rpUIContext.getLogo()) | #set ($rpOrganizationLogo = $rpUIContext.getLogo()) | ||
#set ($rpOrganizationName = $rpUIContext.organizationDisplayName) | #set ($rpOrganizationName = $rpUIContext.organizationDisplayName) | ||
+ | #set ($replaceDollarWithNewline = true) | ||
## | ## | ||
< | < | ||
Zeile 46: | Zeile 49: | ||
< | < | ||
<form action=" | <form action=" | ||
+ | # | ||
<div class=" | <div class=" | ||
< | < | ||
Zeile 53: | Zeile 57: | ||
#end | #end | ||
</ | </ | ||
- | <br clear=" | + | |
#if ($serviceName) | #if ($serviceName) | ||
<p style=" | <p style=" | ||
Zeile 90: | Zeile 94: | ||
<td> | <td> | ||
#foreach ($value in $attribute.values) | #foreach ($value in $attribute.values) | ||
- | <strong> | + | |
+ | #set ($encodedValue = $encoder.encodeForHTML($value.getDisplayValue()).replaceAll($encoder.encodeForHTML(' | ||
+ | #else | ||
+ | #set ($encodedValue = $encoder.encodeForHTML($value.getDisplayValue())) | ||
+ | #end | ||
+ | #if ($attributeReleaseFlowDescriptor.perAttributeConsentEnabled) | ||
+ | <label for=" | ||
+ | #else | ||
+ | < | ||
+ | #end | ||
<br> | <br> | ||
#end | #end | ||
Zeile 122: | Zeile 135: | ||
#if ($attributeReleaseFlowDescriptor.doNotRememberConsentAllowed) | #if ($attributeReleaseFlowDescriptor.doNotRememberConsentAllowed) | ||
<p> | <p> | ||
- | <input id=" | + | <input id=" |
- | # | + | |
</p> | </p> | ||
#end | #end | ||
#if ($attributeReleaseFlowDescriptor.doNotRememberConsentAllowed || $attributeReleaseFlowDescriptor.globalConsentAllowed) | #if ($attributeReleaseFlowDescriptor.doNotRememberConsentAllowed || $attributeReleaseFlowDescriptor.globalConsentAllowed) | ||
<p> | <p> | ||
- | <input id=" | + | <input id=" |
- | # | + | |
</p> | </p> | ||
#end | #end | ||
Zeile 135: | Zeile 148: | ||
<p> | <p> | ||
<input id=" | <input id=" | ||
- | # | + | |
</p> | </p> | ||
#end | #end | ||
Zeile 143: | Zeile 156: | ||
#end | #end | ||
<p style=" | <p style=" | ||
- | | + | |
<a href=" | <a href=" | ||
- | | + | |
</p> | </p> | ||
</ | </ | ||
Zeile 151: | Zeile 164: | ||
</ | </ | ||
</ | </ | ||
- | </ | + | </ |
</ | </ | ||
Zeile 157: | Zeile 170: | ||
**Durchführung des Beschäftigungsverhältnisses, | **Durchführung des Beschäftigungsverhältnisses, | ||
+ | ==== Shib IdP 4.0.x ==== | ||
<file xml ./ | <file xml ./ | ||
## | ## | ||
Zeile 166: | Zeile 180: | ||
## attributeReleaseFlowDescriptor - attribute consent flow descriptor | ## attributeReleaseFlowDescriptor - attribute consent flow descriptor | ||
## attributeDisplayNameFunction - function to display attribute name | ## attributeDisplayNameFunction - function to display attribute name | ||
+ | ## attributeDisplayDescriptionFunction - function to display attribute description | ||
## consentContext - context representing the state of a consent flow | ## consentContext - context representing the state of a consent flow | ||
## encoder - HTMLEncoder class | ## encoder - HTMLEncoder class | ||
Zeile 182: | Zeile 197: | ||
#set ($rpOrganizationLogo = $rpUIContext.getLogo()) | #set ($rpOrganizationLogo = $rpUIContext.getLogo()) | ||
#set ($rpOrganizationName = $rpUIContext.organizationDisplayName) | #set ($rpOrganizationName = $rpUIContext.organizationDisplayName) | ||
+ | #set ($replaceDollarWithNewline = true) | ||
## | ## | ||
< | < | ||
Zeile 193: | Zeile 209: | ||
< | < | ||
<form action=" | <form action=" | ||
+ | # | ||
<div class=" | <div class=" | ||
< | < | ||
Zeile 237: | Zeile 254: | ||
<td> | <td> | ||
#foreach ($value in $attribute.values) | #foreach ($value in $attribute.values) | ||
- | <strong> | + | |
+ | #set ($encodedValue = $encoder.encodeForHTML($value.getDisplayValue()).replaceAll($encoder.encodeForHTML(' | ||
+ | #else | ||
+ | #set ($encodedValue = $encoder.encodeForHTML($value.getDisplayValue())) | ||
+ | #end | ||
+ | #if ($attributeReleaseFlowDescriptor.perAttributeConsentEnabled) | ||
+ | <label for=" | ||
+ | #else | ||
+ | < | ||
+ | #end | ||
<br> | <br> | ||
#end | #end | ||
Zeile 262: | Zeile 288: | ||
</p> | </p> | ||
#end | #end | ||
- | <p> | + | <div id=" |
- | <input id=" | + | |
- | # | + | |
- | </ | + | < |
- | <p> | + | </ |
- | <input id=" | + | |
- | # | + | |
- | </ | + | <input id=" |
- | + | < | |
- | <div style=" | + | </ |
- | < | + | |
- | | + | <div style=" |
- | </ | + | |
- | </ | + | # |
+ | </ | ||
+ | | ||
<p style=" | <p style=" | ||
<input type=" | <input type=" | ||
Zeile 289: | Zeile 317: | ||
**Kein Zwang, aber Interesse der Einrichtung an Nutzung des Dienstes, Art. 6 Abs. 1 lit. e (in Verbindung mit spezieller Erlaubnisnorm) oder lit. f. Widerspruchsrecht nach Art. 21 Abs. 1** | **Kein Zwang, aber Interesse der Einrichtung an Nutzung des Dienstes, Art. 6 Abs. 1 lit. e (in Verbindung mit spezieller Erlaubnisnorm) oder lit. f. Widerspruchsrecht nach Art. 21 Abs. 1** | ||
+ | ==== Shib IdP 4.0.x ==== | ||
<file xml ./ | <file xml ./ | ||
## | ## | ||
Zeile 298: | Zeile 327: | ||
## attributeReleaseFlowDescriptor - attribute consent flow descriptor | ## attributeReleaseFlowDescriptor - attribute consent flow descriptor | ||
## attributeDisplayNameFunction - function to display attribute name | ## attributeDisplayNameFunction - function to display attribute name | ||
+ | ## attributeDisplayDescriptionFunction - function to display attribute description | ||
## consentContext - context representing the state of a consent flow | ## consentContext - context representing the state of a consent flow | ||
## encoder - HTMLEncoder class | ## encoder - HTMLEncoder class | ||
Zeile 314: | Zeile 344: | ||
#set ($rpOrganizationLogo = $rpUIContext.getLogo()) | #set ($rpOrganizationLogo = $rpUIContext.getLogo()) | ||
#set ($rpOrganizationName = $rpUIContext.organizationDisplayName) | #set ($rpOrganizationName = $rpUIContext.organizationDisplayName) | ||
+ | #set ($replaceDollarWithNewline = true) | ||
## | ## | ||
< | < | ||
Zeile 325: | Zeile 356: | ||
< | < | ||
<form action=" | <form action=" | ||
+ | # | ||
<div class=" | <div class=" | ||
< | < | ||
Zeile 369: | Zeile 401: | ||
<td> | <td> | ||
#foreach ($value in $attribute.values) | #foreach ($value in $attribute.values) | ||
- | <strong> | + | |
+ | #set ($encodedValue = $encoder.encodeForHTML($value.getDisplayValue()).replaceAll($encoder.encodeForHTML(' | ||
+ | #else | ||
+ | #set ($encodedValue = $encoder.encodeForHTML($value.getDisplayValue())) | ||
+ | #end | ||
+ | #if ($attributeReleaseFlowDescriptor.perAttributeConsentEnabled) | ||
+ | <label for=" | ||
+ | #else | ||
+ | < | ||
+ | #end | ||
<br> | <br> | ||
#end | #end | ||
Zeile 394: | Zeile 435: | ||
</p> | </p> | ||
#end | #end | ||
- | | + | |
- | <input id=" | + | |
- | # | + | |
- | </ | + | < |
- | <p> | + | </ |
- | <input id=" | + | |
- | # | + | |
- | </ | + | <input id=" |
- | + | < | |
- | <div style=" | + | </ |
- | < | + | |
- | | + | <div style=" |
- | </ | + | |
- | </ | + | # |
+ | </ | ||
+ | | ||
<p style=" | <p style=" | ||
<input type=" | <input type=" | ||
Zeile 417: | Zeile 460: | ||
</ | </ | ||
</ | </ | ||
+ | |||
+ | {{tag> |