Here's a JSON definition for an Apache HTTPD with the Shibboleth
mod_shib/shibd plug-in:

{
  "@class" : "org.apereo.cas.support.saml.services.SamlRegisteredService",
  "serviceId" : "https://casdev-samlsp.newschool.edu/shibboleth";,
  "name" : "Apache Secured By SAML",
  "id" : 1509030300,
  "description" : "CAS development Apache mod_shib/shibd server with
username/password protection",
  "metadataLocation" : "
https://casdev-samlsp.newschool.edu/Shibboleth.sso/Metadata";,
  "attributeReleasePolicy" : {
    "@class" : "org.apereo.cas.services.ReturnMappedAttributeReleasePolicy",
    "allowedAttributes" : {
      "@class" : "java.util.TreeMap",
      "cn" : "urn:oid:2.5.4.3",
      "displayName" : "urn:oid:2.16.840.1.113730.3.1.241",
      "givenName" : "urn:oid:2.5.4.42",
      "mail" : "urn:oid:0.9.2342.19200300.100.1.3",
      "role" : "urn:newschool:attribute-def:role",
      "sn" : "urn:oid:2.5.4.4",
      "uid" : "urn:oid:0.9.2342.19200300.100.1.1",
      "UDC_IDENTIFIER": "urn:newschool:attribute-def:UDC_IDENTIFIER"
    }
  },
  "evaluationOrder" : 1125
}

But if your SP doesn't care about the funky notation, you can just do it
the "regular" way... here's a definition for a test SP created via RSA's
free IAMShowcase site (this is a cut-down copy of the entire registry entry
to show the part you're interested in):

{
    "serviceId": "IAMShowcase",
    "name": "RSA SAML Test Service Provider",
    "theme": null,
    "informationUrl": null,
    "privacyUrl": null,
    "id": 1202469081,
    "description": "The URL for the SP that talks to this service is
https://sptest.iamshowcase.com/ixs?idp=<snip>",
    "evaluationOrder": -1,
    "attributeReleasePolicy": {
        "@class":
"org.apereo.cas.services.ReturnAllowedAttributeReleasePolicy",
        "allowedAttributes": [
            "displayName",
            "givenName",
            "sn",
            "uid"
        ]
    }
}


--Dave





--

DAVID A. CURRY, CISSP
*DIRECTOR OF INFORMATION SECURITY*
INFORMATION TECHNOLOGY

71 FIFTH AVE., 9TH FL., NEW YORK, NY 10003
+1 212 229-5300 x4728 • david.cu...@newschool.edu

[image: The New School]

On Wed, May 16, 2018 at 9:07 AM, John D Giotta <jdgio...@gmail.com> wrote:

> Do you have an example of this?
>
> --
> - Website: https://apereo.github.io/cas
> - Gitter Chatroom: https://gitter.im/apereo/cas
> - List Guidelines: https://goo.gl/1VRrw7
> - Contributions: https://goo.gl/mh7qDG
> ---
> You received this message because you are subscribed to the Google Groups
> "CAS Community" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to cas-user+unsubscr...@apereo.org.
> To view this discussion on the web visit https://groups.google.com/a/
> apereo.org/d/msgid/cas-user/3a71f33b-cc77-4c2a-be89-
> b712229a227a%40apereo.org
> <https://groups.google.com/a/apereo.org/d/msgid/cas-user/3a71f33b-cc77-4c2a-be89-b712229a227a%40apereo.org?utm_medium=email&utm_source=footer>
> .
>

-- 
- Website: https://apereo.github.io/cas
- Gitter Chatroom: https://gitter.im/apereo/cas
- List Guidelines: https://goo.gl/1VRrw7
- Contributions: https://goo.gl/mh7qDG
--- 
You received this message because you are subscribed to the Google Groups "CAS 
Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to cas-user+unsubscr...@apereo.org.
To view this discussion on the web visit 
https://groups.google.com/a/apereo.org/d/msgid/cas-user/CA%2Bd9XANXC62rntdWM3Mi7Xosa_UvROR-tRDHFw_OEQh0Y_C7pA%40mail.gmail.com.

Reply via email to