Versions Compared

Old Version 21

changes.mady.by.user Pål Axelsson

Saved on

compared with

New Version 22

changes.mady.by.user Fredrik Domeij

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

To get the approved assurance profiles from metadata you need to activate the Metadata Attribute Extraction extension in Shibboleth SP. This is done by extending the ApplicationDefaults tag in Shibboleth2.xml by adding metadataAttributePrefix="Shib-Meta-" after REMOTE_USER="...", se example.

Code Block
languagexml
titleExample ApplicationDefaults in shibboleth2.xml
<ApplicationDefaults
    entityID="https://example.com/shibboleth"
    REMOTE_USER="eppn persistent-id targeted-id"
    metadataAttributePrefix="Shib-Meta-">

Define metadata assurance certification attribute

...

After the activation of Metadata Attribute Extension and the attribute definition all Identity Provider approved assurance profiles are available in the multi-valued attribute Shib-Meta-Assurance-Certification.

...