diff options
| author | Johan Lundberg <lundberg@sunet.se> | 2020-09-30 10:46:45 +0200 |
|---|---|---|
| committer | Ivan Kanakarakis <ivan.kanak@gmail.com> | 2020-10-30 12:55:25 +0200 |
| commit | d19febc77caa859193126864486a26055f167250 (patch) | |
| tree | ebcee758527a914ec8be71b28c9c9fe73b56cc17 /docs | |
| parent | 326705d1e4aa0bb2740ae8d2f5836b7630f58a8f (diff) | |
| download | pysaml2-d19febc77caa859193126864486a26055f167250.tar.gz | |
Allow registration authorities in policy
Diffstat (limited to 'docs')
| -rw-r--r-- | docs/howto/config.rst | 19 |
1 files changed, 18 insertions, 1 deletions
diff --git a/docs/howto/config.rst b/docs/howto/config.rst index e1c2025f..50be1de7 100644 --- a/docs/howto/config.rst +++ b/docs/howto/config.rst @@ -530,13 +530,24 @@ An example might be:: "default": { "lifetime": {"minutes":15}, "attribute_restrictions": None, # means all I have - "name_form": "urn:oasis:names:tc:SAML:2.0:attrname-format:uri" + "name_form": "urn:oasis:names:tc:SAML:2.0:attrname-format:uri", + "entity_categories": ["edugain"] }, "urn:mace:example.com:saml:roland:sp": { "lifetime": {"minutes": 5}, "attribute_restrictions": { "givenName": None, "surName": None, + }, + }, + "registration_authorities": { + "default" { + "attribute_restrictions": None + }, + "http://www.swamid.se/": { + "attribute_restrictions": { + "givenName": None, + } } } } @@ -561,6 +572,12 @@ An example might be:: Using this information, the attribute name in the data source will be mapped to the friendly name, and the saml attribute name will be taken from the uri/oid defined in the attribute map. +*nameid_format* + Which nameid format that should be used. Defaults to urn:oasis:names:tc:SAML:2.0:nameid-format:transient. +*entity_categories* + Entity categories to apply. +*sign* + Possible choices: "sign": ["response", "assertion", "on_demand"] If restrictions on values are deemed necessary, those are represented by regular expressions.:: |