Changes between Version 48 and Version 49 of idpiam2018
- Timestamp:
- Sep 14, 2018, 7:39:16 AM (6 years ago)
Legend:
- Unmodified
- Added
- Removed
- Modified
-
idpiam2018
v48 v49 1001 1001 }}} 1002 1002 1003 == Enable Consent Module == 1004 1005 The consent module is shown when a user logs in to a service for the first time, and asks the user for permission to release the required (and desired) attributes to the service. 1006 1007 40. Edit `/opt/shibboleth-idp/conf/idp.properties` to uncomment and modify 1008 1009 {{{ 1010 idp.consent.compareValues = true 1011 idp.consent.maxStoredRecords = -1 1012 idp.consent.storageRecordLifetime = P1Y 1013 }}} 1014 1015 * By changing `idp.consent.maxStoredRecords` will remove the limit on the number of consent records held (by default, 10) by setting the limit to -1 (no limit) 1016 * The Storage Record Life Time of 1 year should be sufficient and the consent records would expire after a year. 1003 1017 1004 1018 == Release Attributes for your Service Providers (SP) in Production Environment == 1005 1019 1006 40.Edit `/opt/shibboleth-idp/conf/attribute-filter.xml` to include service providers who will use your IDP to authenticate your users for their services.1020 Edit `/opt/shibboleth-idp/conf/attribute-filter.xml` to include service providers who will use your IDP to authenticate your users for their services. 1007 1021 1008 1022 Consult Service Provider guidelines and `https://fr-training.ac.lk/attribute-filter-LEARN-Production.xml` on deciding what attributes you should release.
