Page History
...
The eduPerson specification has defined the generic attribute eduPersonEntitlement to communicate entitlements, permissions or rights between entities. For the specific case of library services MACE-Dir has then defined a standard eduPersonEntitlement attribute value (see below for details). This is the only attribute (other than maybe a unique identifier) library services will generally need, as such no more data should be sent from the Identity Provider:
...
Define the attribute
See our IDP 3 4 Attribute resolution documentation for a simple example of how to generate and assign the common-lib-terms entitlement based on eduPersonAffiliation values.
...
Code Block | ||||
---|---|---|---|---|
| ||||
<AttributeFilterPolicy id="CommonLibTerms"> <PolicyRequirementRule xsi:type="OR"> <Rule xsi:type="Requester" value="https://test-sp.aco.net/shibboleth" /> <Rule xsi:type="Requester" value="https://ieeexplore.ieee.org/shibboleth-sp" /> <Rule xsi:type="Requester" value="http://shibboleth.ebscohost.com" /> <Rule xsi:type="Requester" value="https://sp.tshhosting.com/shibboleth" /> <Rule xsi:type="Requester" value="https://www.content-select.com/simplesaml/module.php/saml/sp/metadata.php/preselect.media-sp" /> <Rule xsi:type="Requester" value="https://sdauth.sciencedirect.com/" /> <Rule xsi:type="Requester" value="https://www.tandfonline.com/shibboleth" /> <Rule xsi:type="Requester" value="https://fsso.springer.com" /> <Rule xsi:type="Requester" value="https://secure.nature.com/shibboleth" /> <Rule xsi:type="Requester" value="https://shibboleth.genios.de/shibboleth" /> <Rule xsi:type="Requester" value="https://shibboleth-faz.genios.de/shibboleth" /> <Rule xsi:type="Requester" value="https://shibboleth.statista.com" /> <Rule xsi:type="Requester" value="https://www.hanser-elibrary.com/shibboleth" /> <Rule xsi:type="Requester" value="https://shibboleth.ovid.com/entity" /> <Rule xsi:type="Requester" value="https://prd.thieme.de/shibboleth-sp" /> <Rule xsi:type="Requester" value="https://www.beck-elibrary.de/Shibboleth.sso" /> <Rule xsi:type="Requester" value="https://www.nomos-elibrary.de/Shibboleth.sso" /> <Rule xsi:type="Requester" value="https://iam.atypon.com/shibboleth" /> <Rule xsi:type="Requester" value="https://portal.zedhia.at/saml" /> <Rule xsi:type="Requester" value="https://sp.eblib.com/shibboleth" /> <Rule xsi:type="Requester" value="https://login.intelliconnect.inta.cch.com/" /> <Rule xsi:type="Requester" value="https://shibbolethsp.jstor.org/shibboleth" /> <Rule xsi:type="Requester" value="https://shibboleth-sp.prod.proquest.com/shibboleth" /> <Rule xsi:type="Requester" value="https://elibrary.verlagoesterreich.at" /> </PolicyRequirementRule> <AttributeRule attributeID="eduPersonEntitlement"> <PermitValueRule xsi:type="Value" value="urn:mace:dir:entitlement:common-lib-terms" /> </AttributeRule> </AttributeFilterPolicy> |
...
Code Block | ||||
---|---|---|---|---|
| ||||
<AttributeFilterPolicy id="LibrarySPsScopedAffiliation"> <PolicyRequirementRule xsi:type="OR"> <Rule xsi:type="Requester" value="https://shibboleth.cambridge.org/shibboleth-sp" /> <Rule xsi:type="Requester" value="https://shibboleth.highwire.org/entity/secure-sp" /> <Rule xsi:type="Requester" value="https://secure.nature.com/shibboleth" /> <Rule xsi:type="Requester" value="https://ticket.iop.org/shibboleth" /> <Rule xsi:type="Requester" value="https://shib.rsc.org/shibboleth" /> <Rule xsi:type="Requester" value="https://sp.emerald.com/sp" /> <Rule xsi:type="Requester" value="https://cas.manz.at/shibboleth" /> <Rule xsi:type="Requester" value="https://lindedigital.at/shibboleth" /> <Rule xsi:type="Requester" value="https://shib.lexisnexis.com" /> <Rule xsi:type="Requester" value="https://signin.lexisnexis.com/lnaccess/fed/authn" /> <Rule xsi:type="Requester" value="https://www.utb-studi-e-book.de/websso/metadata" /> <Rule xsi:type="Requester" value="https://elibrary.hogrefe.de" /> <Rule xsi:type="Requester" value="https://sp.ebrary.com/shibboleth" /> </PolicyRequirementRule> <AttributeRule attributeID="eduPersonScopedAffiliation"> <PermitValueRule xsi:type="OR"> <Rule xsi:type="Value" value="student" ignoreCasecaseSensitive="truefalse" /> <Rule xsi:type="Value" value="staff" ignoreCasecaseSensitive="truefalse" /> <Rule xsi:type="Value" value="faculty" ignoreCasecaseSensitive="truefalse" /> <Rule xsi:type="Value" value="employee" ignoreCasecaseSensitive="truefalse" /> <Rule xsi:type="Value" value="member" ignoreCasecaseSensitive="truefalse" /> <Rule xsi:type="Value" value="library-walk-in" ignoreCasecaseSensitive="truefalse" /> </PermitValueRule> </AttributeRule> </AttributeFilterPolicy> |
...
Overview
Content Tools
Tasks