Differences

This shows you the differences between two versions of the page.

--- en:functionaltest_sp [2017/06/15 21:36] – Wolfgang Pempe
+++ en:functionaltest_sp [2017/06/16 14:24] – Wolfgang Pempe
@@ Line 17: / Line 17: @@
 ==== Attribute-based Authorization ====
 **Important:** At many Home Organizations (not only in Germany), there are also users registered with the Identity Management System (and therefore able to login to the IdP) that are not members of the respective Institution in a strict sense, like guests, cooperation partners, almuni etc. \\
-In the overwhelming majority of cases, a service (respectively a Service Provider) is supposed to be available only for a subset of the users at a Home Organization. For this reason, a successful authentication at the home IdP is usually not sufficient for granting access to a protected resource! Rather, the authorization decision must be made by means of the user attributes released by the IdP. Which attributes (and attribute) values are appropriate for this purpose, depends on the type and implementation of the respective service. If you have any questions, please contact the [[https://www.aai.dfn.de/kontakt/|DFN-AAI Helpdesk]].
+In the overwhelming majority of cases, a service (respectively a Service Provider) is supposed to be available only for a subset of the users at a Home Organization. For this reason, a successful authentication at the home IdP is usually not sufficient for granting access to a protected resource! Rather, the authorization decision must be made by means of the user attributes released by the IdP. Which attributes (and attribute values) are appropriate for this purpose, depends on the type and implementation of the service / Service Provider. If you have any questions, please contact the [[https://www.aai.dfn.de/kontakt/|DFN-AAI Helpdesk]].
+**Next step:** [[en:production|Production Environment]]