...
To release the recommended attributes to a particular Service Provider with a Shibboleth Identity Provider, edit the file "/opt/shibboleth-idp/conf/attribute-filter.xml". The add the following code before the "</AttributeFilterPolicyGroup>" tag and change the entityID (https://sp.example.org/shibboleth) to the entityID of an actual Service Provider:
| Code Block | ||
|---|---|---|
| ||
<!-- Example SP -->
<AttributeFilterPolicy id="Example-SP">
<PolicyRequirementRule xsi:type="basic:AttributeRequesterString"
value="https://sp.example.org/shibboleth" />
<afp:AttributeRule attributeID="displayName"><afp:PermitValueRule xsi:type="basic:ANY"/></afp:AttributeRule>
<afp:AttributeRule attributeID="commonName"><afp:PermitValueRule xsi:type="basic:ANY"/></afp:AttributeRule>
<afp:AttributeRule attributeID="email"><afp:PermitValueRule xsi:type="basic:ANY"/></afp:AttributeRule>
<afp:AttributeRule attributeID="eduPersonPrincipalName"><afp:PermitValueRule xsi:type="basic:ANY"/></afp:AttributeRule>
<afp:AttributeRule attributeID="eduPersonAffiliation"><afp:PermitValueRule xsi:type="basic:ANY"/></afp:AttributeRule>
<afp:AttributeRule attributeID="eduPersonScopedAffiliation"><afp:PermitValueRule xsi:type="basic:ANY"/></afp:AttributeRule>
<afp:AttributeRule attributeID="schacHomeOrganization"><afp:PermitValueRule xsi:type="basic:ANY"/></afp:AttributeRule>
<afp:AttributeRule attributeID="schacHomeOrganizationType"><afp:PermitValueRule xsi:type="basic:ANY"/></afp:AttributeRule>
</AttributeFilterPolicy> |
...