...
Stoppa in följande 2 block XML på relevant plats i relying-party.xml. Spara certifikatet från http://www.kalmar2.org/kalmar2web/metadata_signing_certificate.html i filen /opt/shibboleth-idp/credentials/kalmar-signer.crt
.
...
Code Block |
---|
<!-- recommended initial attribute filter policy for Kalmar Union --> <AttributeFilterPolicy><AttributeFilterPolicy id="kalmar2"> <PolicyRequirementRule xsi:type="saml:AttributeRequesterInEntityGroup" groupID="kalmarcentral2" /> <AttributeRule attributeID="givenName"> <PermitValueRule xsi:type="basic:ANY" /> </AttributeRule> <AttributeRule attributeID="surname"> <PermitValueRule xsi:type="basic:ANY" /> </AttributeRule> <AttributeRule attributeID="displayName"> <PermitValueRule xsi:type="basic:ANY" /> </AttributeRule> <AttributeRule attributeID="commonName"> <PermitValueRule xsi:type="basic:ANY" /> </AttributeRule> <AttributeRule attributeID="eduPersonPrincipalName"> <PermitValueRule xsi:type="basic:ANY" /> </AttributeRule> <AttributeRule attributeID="email"> <PermitValueRule xsi:type="basic:ANY" /> </AttributeRule> <AttributeRule attributeID="eduPersonScopedAffiliation"> <PermitValueRule xsi:type="basic:OR"> <basic:Rule xsi:type="basic:AttributeValueString" value="faculty" ignoreCase="true" /> <basic:Rule xsi:type="basic:AttributeValueString" value="student" ignoreCase="true" /> <basic:Rule xsi:type="basic:AttributeValueString" value="staff" ignoreCase="true" /> <basic:Rule xsi:type="basic:AttributeValueString" value="alum" ignoreCase="true" /> <basic:Rule xsi:type="basic:AttributeValueString" value="member" ignoreCase="true" /> <basic:Rule xsi:type="basic:AttributeValueString" value="affiliate" ignoreCase="true" /> <basic:Rule xsi:type="basic:AttributeValueString" value="employee" ignoreCase="true" /> <basic:Rule xsi:type="basic:AttributeValueString" value="library-walk-in" ignoreCase="true" /> </PermitValueRule> </AttributeRule> </AttributeFilterPolicy> |