This shows you the differences between two versions of the page.
Both sides previous revision Previous revision | Next revisionBoth sides next revision |
en:aai:mdq [2022/05/02 14:09] – Wolfgang Pempe | en:aai:mdq [2023/01/12 19:30] – Wolfgang Pempe |
---|
baseUrl="https://mdq.aai.dfn.de"> | baseUrl="https://mdq.aai.dfn.de"> |
<MetadataFilter type="Signature" certificate="/etc/ssl/aai/dfn-aai-mdq.pem"/> | <MetadataFilter type="Signature" certificate="/etc/ssl/aai/dfn-aai-mdq.pem"/> |
</MetadataProvider> | |
</file> | |
| |
=== Filter IdPs from DFN-AAI Advanced === | |
(see [[en:degrees_of_reliance|Degrees of Reliance]]) | |
| |
**Important:** In ''shibboleth2.xml'', in the root element ''SPConfig'' the namespace ''xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion"'' has to be set for this filter to work. | |
| |
<file xml /etc/shibboleth/shibboleth2.xml> | |
<MetadataProvider type="MDQ" id="dfn_aai_mdq_advanced_only" ignoreTransport="true" | |
cacheDirectory="mdq-aai-dfn-de" | |
maxCacheDuration="3600" minCacheDuration="600" | |
baseUrl="https://mdq.aai.dfn.de"> | |
<MetadataFilter type="Signature" certificate="/etc/ssl/aai/dfn-aai-mdq.pem"/> | |
<MetadataFilter type="Include" matcher="EntityAttributes"> | |
<saml:Attribute Name="http://aai.dfn.de/loa/degree-of-reliance" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri"> | |
<saml:AttributeValue>advanced</saml:AttributeValue> | |
</saml:Attribute> | |
</MetadataFilter> | |
</MetadataProvider> | </MetadataProvider> |
</file> | </file> |