Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revision Previous revision
Next revisionBoth sides next revision
en:aai:mdq [2022/05/02 14:09] Wolfgang Pempeen:aai:mdq [2023/01/12 19:30] Wolfgang Pempe
Line 65: Line 65:
                   baseUrl="https://mdq.aai.dfn.de">                   baseUrl="https://mdq.aai.dfn.de">
            <MetadataFilter type="Signature" certificate="/etc/ssl/aai/dfn-aai-mdq.pem"/>            <MetadataFilter type="Signature" certificate="/etc/ssl/aai/dfn-aai-mdq.pem"/>
-    </MetadataProvider> 
-</file> 
- 
-=== Filter IdPs from DFN-AAI Advanced === 
-(see [[en:degrees_of_reliance|Degrees of Reliance]]) 
- 
-**Important:** In ''shibboleth2.xml'', in the root element ''SPConfig'' the namespace ''xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion"'' has to be set for this filter to work. 
- 
-<file xml /etc/shibboleth/shibboleth2.xml> 
-    <MetadataProvider type="MDQ" id="dfn_aai_mdq_advanced_only" ignoreTransport="true" 
-                  cacheDirectory="mdq-aai-dfn-de" 
-                  maxCacheDuration="3600" minCacheDuration="600" 
-                  baseUrl="https://mdq.aai.dfn.de"> 
-           <MetadataFilter type="Signature" certificate="/etc/ssl/aai/dfn-aai-mdq.pem"/> 
-           <MetadataFilter type="Include" matcher="EntityAttributes"> 
-               <saml:Attribute Name="http://aai.dfn.de/loa/degree-of-reliance" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri"> 
-                 <saml:AttributeValue>advanced</saml:AttributeValue> 
-               </saml:Attribute> 
-           </MetadataFilter> 
     </MetadataProvider>     </MetadataProvider>
 </file> </file>
  • Last modified: 4 months ago