Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revision Previous revision
Next revision		 Previous revision
en:aai:mdq [2021/07/14 13:42] – Link in page Silke Meyeren:aai:mdq [2024/02/02 09:44] (current) Wolfgang Pempe
Line 1: Line 1:
-FIXME **This page is not fully translated, yet.** 
- 
 ====== Metadata Query Service (MDQ) ====== ====== Metadata Query Service (MDQ) ======
  
Line 22: Line 20:
  
 **Certificate for the validation of the signature of DFN-AAI MDQ Metadata** (PEM format) \\ **Certificate for the validation of the signature of DFN-AAI MDQ Metadata** (PEM format) \\
-SHA256 Fingerprint: 73:5B:9E:76:8A:A6:33:73:4D:3E:C6:D2:1E:98:B3:D9:03:74:B9:87:16:52:16:53:32:26:9A:B2:55:FC:CA:D2 \\ +SHA256 Fingerprint: 75:18:98:F6:E8:23:21:E8:B1:DC:71:6B:D0:AB:50:F0:C2:DB:9D:CE:4B:2B:A1:88:B1:42:DB:99:13:DB:0D:E9 \\ 
-https://www.aai.dfn.de/fileadmin/metadata/dfn-aai-mdq.pem +https://www.aai.dfn.de/metadata/dfn-aai-mdq.pem 
  
 ===== Examples ===== ===== Examples =====
Line 51: Line 49:
 </file> </file>
  
-We are happy to document further filter mechanisms [[hotline@aai.dfn.de|on demand]]. 
  
 ==== Shibboleth SP 3.2.x ==== ==== Shibboleth SP 3.2.x ====
Line 70: Line 67:
 </file> </file>
  
-=== Ausschließlich IdPs aus DFN-AAI Advanced === +We are happy to document further filter mechanisms [[hotline@aai.dfn.de|on demand]].
-(Zur Unterscheidung zwischen "Advanced" und "Basic" siehe die Erläuterungen zu den [[de:degrees_of_reliance|Verlässlichkeitsklassen]]) +
- +
-**Wichtig:** damit der u.g. Filter funktioniert, muss im Root-Element ''SPConfig'' der Datei ''shibboleth2.xml'' der Namespace ''xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion"'' gesetzt sein. +
- +
-<file xml /etc/shibboleth/shibboleth2.xml> +
-    <MetadataProvider type="MDQ" id="dfn_aai_mdq_advanced_only" ignoreTransport="true" +
-                  cacheDirectory="mdq-aai-dfn-de" +
-                  maxCacheDuration="3600" minCacheDuration="600" +
-                  baseUrl="https://mdq.aai.dfn.de"> +
-           <MetadataFilter type="Signature" certificate="/etc/ssl/aai/dfn-aai-mdq.pem"/> +
-           <MetadataFilter type="Include" matcher="EntityAttributes"> +
-               <saml:Attribute Name="http://aai.dfn.de/loa/degree-of-reliance" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri"> +
-                 <saml:AttributeValue>advanced</saml:AttributeValue> +
-               </saml:Attribute> +
-           </MetadataFilter> +
-    </MetadataProvider> +
-</file> +
- +
-Weitere Filtermöglichkeiten werden gerne auf [[hotline@aai.dfn.de|Anfrage]] dokumentiert. +
- +
-\\+
  
 ===== Further hints and known issues ===== ===== Further hints and known issues =====
  • Last modified: 3 years ago