Changes between Version 4 and Version 5 of R&Ssupport


Ignore:
Timestamp:
07/09/12 16:55:08 (12 years ago)
Author:
dabantz@…
Comment:

--

Legend:

Unmodified
Added
Removed
Modified
  • R&Ssupport

    v4 v5  
    2121The following configuration requires Shibboleth IdP v2.3.5 or later, which fully supports using entity attributes in SP metadata as part of an attribute release filter policy. 
    2222 
    23 Configure a new <AttributeFilterPolicy> element for R&S SPs.This example releases all of the R&S attributes; a campus should customize as appropriate (e.g., changing the attributeID values). 
     23Configure a new <!AttributeFilterPolicy> element for R&S SPs.This example releases all of the R&S attributes; a campus should customize as appropriate (e.g., changing the attributeID values). 
    2424 
    2525{{{  
     
    9090 
    9191== IdP Previous to v2.3.5 == 
    92 These releases do not correctly support using entity attributes in SP metadata as part of an attribute release filter policy. For IdPs prior to v2.3.5, InCommon provides a tool that can be run on a regular basis to convert InCommon metadata into an explicit <AttributeFilterPolicy> element for R&S SPs. 
     92These releases do not correctly support using entity attributes in SP metadata as part of an attribute release filter policy. For IdPs prior to v2.3.5, !InCommon provides a tool that can be run on a regular basis to convert !InCommon metadata into an explicit <!AttributeFilterPolicy> element for R&S SPs. 
    9393 
    9494== Further Policy Controls == 
    95 If a campus determines that it wants to block release of attributes for certain community members (e.g., students who have opted out under FERPA), IdP operators could create an additional attribute release policy to enforce this decision. An example is available on the Shibboleth wiki. IdP plugins, such as uApprove, that provide end-user control over attribute release may also be useful to satisfy additional controls. 
     95If a campus determines that it wants to block release of attributes for certain community members (e.g., students who have opted out under FERPA), !IdP operators could create an additional attribute release policy to enforce this decision. An example is available on the Shibboleth wiki. IdP plugins, such as uApprove, that provide end-user control over attribute release may also be useful to satisfy additional controls.