...
To get the approved assurance profiles from metadata you need to activate the Metadata Attribute Extraction extension in Shibboleth SP. This is done by extending the ApplicationDefaults tag in Shibboleth2.xml by adding metadataAttributePrefix="Shib-Meta-" after REMOTE_USER="...", se example.
Code Block | ||||
---|---|---|---|---|
| ||||
<ApplicationDefaults
entityID="https://example.com/shibboleth"
REMOTE_USER="eppn persistent-id targeted-id"
metadataAttributePrefix="Shib-Meta-"> |
Define metadata assurance certification attribute
...
After the activation of Metadata Attribute Extension and the attribute definition all Identity Provider approved assurance profiles are available in the multi-valued attribute Shib-Meta-Assurance-Certification.
...