Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revision Previous revision
Next revision		 Previous revision
Last revisionBoth sides next revision
en:aai:mdq [2022/05/02 14:09] Wolfgang Pempeen:aai:mdq [2023/01/12 19:31] – [Shibboleth IdP 4.x] Wolfgang Pempe
Line 49: Line 49:
 </file> </file>
  
-We are happy to document further filter mechanisms [[hotline@aai.dfn.de|on demand]]. 
  
 ==== Shibboleth SP 3.2.x ==== ==== Shibboleth SP 3.2.x ====
Line 65: Line 64:
                   baseUrl="https://mdq.aai.dfn.de">                   baseUrl="https://mdq.aai.dfn.de">
            <MetadataFilter type="Signature" certificate="/etc/ssl/aai/dfn-aai-mdq.pem"/>            <MetadataFilter type="Signature" certificate="/etc/ssl/aai/dfn-aai-mdq.pem"/>
-    </MetadataProvider> 
-</file> 
- 
-=== Filter IdPs from DFN-AAI Advanced === 
-(see [[en:degrees_of_reliance|Degrees of Reliance]]) 
- 
-**Important:** In ''shibboleth2.xml'', in the root element ''SPConfig'' the namespace ''xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion"'' has to be set for this filter to work. 
- 
-<file xml /etc/shibboleth/shibboleth2.xml> 
-    <MetadataProvider type="MDQ" id="dfn_aai_mdq_advanced_only" ignoreTransport="true" 
-                  cacheDirectory="mdq-aai-dfn-de" 
-                  maxCacheDuration="3600" minCacheDuration="600" 
-                  baseUrl="https://mdq.aai.dfn.de"> 
-           <MetadataFilter type="Signature" certificate="/etc/ssl/aai/dfn-aai-mdq.pem"/> 
-           <MetadataFilter type="Include" matcher="EntityAttributes"> 
-               <saml:Attribute Name="http://aai.dfn.de/loa/degree-of-reliance" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri"> 
-                 <saml:AttributeValue>advanced</saml:AttributeValue> 
-               </saml:Attribute> 
-           </MetadataFilter> 
     </MetadataProvider>     </MetadataProvider>
 </file> </file>
  • Last modified: 3 months ago