Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revision Previous revision
Next revision
Previous revision
Last revisionBoth sides next revision
en:entity_attributes [2021/03/04 12:09] – [References] Silke Meyeren:entity_attributes [2022/05/02 14:15] Wolfgang Pempe
Line 1: Line 1:
-FIXME **This page is not fully translated, yet. Please help completing the translation.**\\ //(remove this paragraph once the translation is finished)// 
- 
 ====== Entity Attributes ====== ====== Entity Attributes ======
  
Line 25: Line 23:
     </md:Extensions>     </md:Extensions>
  
 +</file>
 +
 +For an example on how to restrict an SP's metadata import to IdPs that conform to the requirements of the Degree of Reliance 'Advanced' please refer to [[en:production#sp_example|Production Environment]].
 +===== SP: Required Degree of Reliance =====
 +This entity attribute is used to signal the [[en:degrees_of_reliance|Degree of Reliance]] required by the respective service provider. 
 +
 +<file xml dfn-aai-sp-metadata.xml>
 +  <EntityDescriptor entityID="https://bw-support.scc.kit.edu/secure">
 +    <Extensions>
 +      <mdrpi:RegistrationInfo registrationAuthority="https://www.aai.dfn.de" registrationInstant="2013-05-29T12:16:37Z">
 +        <mdrpi:RegistrationPolicy xml:lang="en">https://www.aai.dfn.de/en/join/</mdrpi:RegistrationPolicy>
 +        <mdrpi:RegistrationPolicy xml:lang="de">https://www.aai.dfn.de/teilnahme/</mdrpi:RegistrationPolicy>
 +      </mdrpi:RegistrationInfo>
 +      <mdattr:EntityAttributes>
 +        <!-- ... -->      
 +          <saml:Attribute Name="http://aai.dfn.de/require-loa/degree-of-reliance" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri">
 +          <saml:AttributeValue>advanced</saml:AttributeValue>
 +        </saml:Attribute>
 +      </mdattr:EntityAttributes>
 +    </Extensions>
 </file> </file>
  
Line 207: Line 225:
 <file xml shibboleth2.xml> <file xml shibboleth2.xml>
 <MetadataProvider type="XML" <MetadataProvider type="XML"
-     uri="http://www.aai.dfn.de/fileadmin/metadata/dfn-aai-metadata.xml"+     uri="http://www.aai.dfn.de/metadata/dfn-aai-metadata.xml"
      backingFilePath="dfn-aai-metadata.xml" reloadInterval="3600">      backingFilePath="dfn-aai-metadata.xml" reloadInterval="3600">
    <MetadataFilter type="Signature" certificate="/etc/ssl/aai/dfn-aai.pem" />    <MetadataFilter type="Signature" certificate="/etc/ssl/aai/dfn-aai.pem" />
Line 227: Line 245:
 <file xml shibboleth2.xml> <file xml shibboleth2.xml>
 <MetadataProvider type="XML" <MetadataProvider type="XML"
-     uri="http://www.aai.dfn.de/fileadmin/metadata/dfn-aai-edugain+idp-metadata.xml"+     uri="http://www.aai.dfn.de/metadata/dfn-aai-edugain+idp-metadata.xml"
      backingFilePath="dfn-aai-edugain+idp-metadata.xml" reloadInterval="3600">      backingFilePath="dfn-aai-edugain+idp-metadata.xml" reloadInterval="3600">
    <MetadataFilter type="Signature" certificate="/etc/ssl/aai/dfn-aai.pem" />    <MetadataFilter type="Signature" certificate="/etc/ssl/aai/dfn-aai.pem" />
Line 247: Line 265:
 <file xml shibboleth2.xml> <file xml shibboleth2.xml>
 <MetadataProvider type="XML" <MetadataProvider type="XML"
-     uri="http://www.aai.dfn.de/fileadmin/metadata/dfn-aai-idp-metadata.xml"+     uri="http://www.aai.dfn.de/metadata/dfn-aai-idp-metadata.xml"
      backingFilePath="dfn-aai-idp-metadata.xml" reloadInterval="3600">      backingFilePath="dfn-aai-idp-metadata.xml" reloadInterval="3600">
    <MetadataFilter type="Signature" certificate="/etc/ssl/aai/dfn-aai.pem" />    <MetadataFilter type="Signature" certificate="/etc/ssl/aai/dfn-aai.pem" />
  • Last modified: 17 months ago