Differences
This shows you the differences between two versions of the page.
Both sides previous revision Previous revision Next revision | Previous revision Next revisionBoth sides next revision | ||
en:functionaltest_sp [2017/06/22 12:20] – Wolfgang Pempe | en:functionaltest_sp [2022/05/17 12:29] – [Test Accounts] Silke Meyer | ||
---|---|---|---|
Line 2: | Line 2: | ||
The DFN operates two IdPs for performing functional tests in the Test Federation: | The DFN operates two IdPs for performing functional tests in the Test Federation: | ||
^ DisplayName | ^ DisplayName | ||
- | | DFN Test-IdP 1 | https:// | ||
| DFN Test-IdP 2 | https:// | | DFN Test-IdP 2 | https:// | ||
+ | |||
**NB:** There is also an AAI Integration and Test IdP available in the production federation. Accounts are issued on request, please contact [[mailto: | **NB:** There is also an AAI Integration and Test IdP available in the production federation. Accounts are issued on request, please contact [[mailto: | ||
==== Test Accounts ==== | ==== Test Accounts ==== | ||
Line 16: | Line 16: | ||
**If more and/or other attributes are required to access and use a specific Service, please contact [[mailto: | **If more and/or other attributes are required to access and use a specific Service, please contact [[mailto: | ||
- | **==== Attribute-based Authorization ==== | + | * |
+ | *==== Attribute-based Authorization ==== | ||
**Important: | **Important: | ||
In the overwhelming majority of cases, a service (respectively a Service Provider) is supposed to be available only for a subset of the users affiliated with a Home Organization. For this reason, a successful authentication at the home IdP is usually not sufficient for granting access to a protected resource! Rather, the authorization decision must be made by means of the user attributes released by the IdP. Which attributes (and attribute values) are appropriate for this purpose, depends on the type and implementation of the service / Service Provider. If you have any questions, please contact the [[https:// | In the overwhelming majority of cases, a service (respectively a Service Provider) is supposed to be available only for a subset of the users affiliated with a Home Organization. For this reason, a successful authentication at the home IdP is usually not sufficient for granting access to a protected resource! Rather, the authorization decision must be made by means of the user attributes released by the IdP. Which attributes (and attribute values) are appropriate for this purpose, depends on the type and implementation of the service / Service Provider. If you have any questions, please contact the [[https:// |