Context Navigation

← Previous Change
Wiki History
Next Change →

Changes between Initial Version and Version 1 of AtomicLearning

Timestamp:: 06/06/13 16:22:53 (11 years ago)
Author:: dabantz@…
Comment:: --

Legend:

: Unmodified
: Added
: Removed
: Modified

AtomicLearning

                       v1
+=== [[https://iam.alaska.edu/|IAM]] / [[https://iam.alaska.edu/projects|Projects]] / [[https://iam.alaska.edu/shib|Shibboleth]] / [[ServiceCandidates|Service Candidates]] / Atomic Learning ===
+After a period of CAS authentication (using CASShib), Atomic Learning added support for SAML / Shibboleth.  Licensing is campus-based, originally only a couple of UAF campuses; as of June 2013, all UAA and UAF campuses are licensed; students and employees at any of these campuses are authorized to use Atomic Learning.  The SAML assertion to Atomic Learning includes campus affiliation(s) of the authenticated user - see the qualification below.
+Other attributes released are EPPN, BannerID, email, surname, givenName, and a scoped version of eduPersonAffiliation (like !student@alaska.edu or !faculty@alaska.edu).
+Atomic Learning only consumes the "first" attribute value in the multi-valued attribute containing campus affiliation(s).  To prevent inappropriate denial of access for those with multiple campus affiliations including non-licensed campuses, UA added a release policy that filters and only releases the values of campus names explicitly licensed:
+{{{
+<!-- Specifically release only values of licensed campuses -->
+<!-- AL may deny access if non-licensed campus affiliation asserted -->
+  <AttributeRule attributeID="AtomicLearningCampus">
+      <PermitValueRule xsi:type="basic:OR">
+            <basic:Rule xsi:type="basic:AttributeValueString" value="UA Statewide Admin" />
+            <basic:Rule xsi:type="basic:AttributeValueString" value="UAA Kenai Peninsula College" />
+            <basic:Rule xsi:type="basic:AttributeValueString" value="UAA Kodiak College" />
+            <basic:Rule xsi:type="basic:AttributeValueString" value="UAA Main" />
+            <basic:Rule xsi:type="basic:AttributeValueString" value="UAA Matanuska-Susitna College" />
+            <basic:Rule xsi:type="basic:AttributeValueString" value="UAA Prince William Sound Community College" />
+            <basic:Rule xsi:type="basic:AttributeValueString" value="UAF Bristol Bay Campus" />
+            <basic:Rule xsi:type="basic:AttributeValueString" value="UAF Chukchi Campus" />
+            <basic:Rule xsi:type="basic:AttributeValueString" value="UAF Community and Technical College" />
+            <basic:Rule xsi:type="basic:AttributeValueString" value="UAF Cooperative Extension Service" />
+            <basic:Rule xsi:type="basic:AttributeValueString" value="UAF Interior-Aleutians Campus" />
+            <basic:Rule xsi:type="basic:AttributeValueString" value="UAF Kuskokwim Campus" />
+            <basic:Rule xsi:type="basic:AttributeValueString" value="UAF Main" />
+            <basic:Rule xsi:type="basic:AttributeValueString" value="UAF Northwest Campus" />
+            <basic:Rule xsi:type="basic:AttributeValueString" value="UAF Rural College" />
+            <basic:Rule xsi:type="basic:AttributeValueString" value="UAA - Kenai Peninsula Campus" />
+            <basic:Rule xsi:type="basic:AttributeValueString" value="UAA - Kodiak Campus" />
+            <basic:Rule xsi:type="basic:AttributeValueString" value="UAA - Main Campus" />
+            <basic:Rule xsi:type="basic:AttributeValueString" value="UAA - Mat-Su Campus" />
+            <basic:Rule xsi:type="basic:AttributeValueString" value="PWSCC - Prince William Sound" />
+            <basic:Rule xsi:type="basic:AttributeValueString" value="UAF - eLearning &amp; Distance Ed" />
+            <basic:Rule xsi:type="basic:AttributeValueString" value="UAF - Bristol Bay (RB)" />
+            <basic:Rule xsi:type="basic:AttributeValueString" value="UAF - Chukchi Campus" />
+            <basic:Rule xsi:type="basic:AttributeValueString" value="UAF - Correspondence Study(CS)" />
+            <basic:Rule xsi:type="basic:AttributeValueString" value="UAF - Fairbanks Campus" />
+            <basic:Rule xsi:type="basic:AttributeValueString" value="UAF - Interior-Aleutians (RI)" />
+            <basic:Rule xsi:type="basic:AttributeValueString" value="UAF - Juneau Fisheries (JU)" />
+            <basic:Rule xsi:type="basic:AttributeValueString" value="UAF - Kuskokwim Campus" />
+            <basic:Rule xsi:type="basic:AttributeValueString" value="UAF - Northwest Campus" />
+            <basic:Rule xsi:type="basic:AttributeValueString" value="UAF - Rural College (RE)" />
+        </PermitValueRule>
+    </AttributeRule>
+}}}
+Note that the ampersand in one value has to be XML encoded as &amp;