| ||||||||
| Line: 6 to 6 | ||||||||
|---|---|---|---|---|---|---|---|---|
What is the basic functionality of Autograph? | ||||||||
| Changed: | ||||||||
| < < |
Members of the Identity Provider can configure Service Provider specific idCards. It is also possible for members to change values of attributes which were configured as writeable by the Idp admin. | |||||||
| > > |
Members of the Identity Provider can configure Service Provider specific idCards. The attributes on this idCards will be send to the Service Provider. It is also possible for members to change values of attributes which were configured as writeable by the Idp admin. | |||||||
What conditions have to be fullfilled in order to install and run Autograph? | ||||||||
| Line: 14 to 15 | ||||||||
What changes have to be made to the Service Provider installation to include Autograph in the Single Sign On profile? | ||||||||
| Changed: | ||||||||
| < < |
The only change is done in the application describtion file (web.xml). A servlet mapping is added so that a AutographRedirectionSwitch? servlet is interconnected between the ./shibboleth-idp/SSO URL and the IdPResponder servlet. When a http request hits ./shibboleth-idp/SSO the AutographRedirectionSwitch? decides if a redirect to Autograph should be made or if the request should be passed to the IdPResponder. (web.xml with changes) | |||||||
| > > |
The only change is done in the application describtion file (web.xml). A servlet mapping is added so that a AutographRedirectionSwitch servlet is interconnected between the ./shibboleth-idp/SSO URL and the IdPResponder servlet. When a http request hits ./shibboleth-idp/SSO the AutographRedirectionSwitch decides if a redirect to Autograph should be made or if the request should be passed to the IdPResponder. (web.xml with changes) (more)
| |||||||
| Changed: | ||||||||
| < < |
How can I as an IdP admin make sure an IdP member doesn't see sensitive attributes? | |||||||
| > > |
How can I as an IdP admin make sure an IdP member doesn't see sensitive attributes? | |||||||
| For the sake of transparency in the Federation it would be favourable if there are only attributes released which the user is allowed to see. However, by not defining attributes in Autograph's AttributeInfoPoint configuration file it is not existent for Autograph. Therefore IdP members will never see it and its release status defined in the site Attribute Release Policy (ARP) will never be changed in a user ARP. | ||||||||
| ||||||||
| Line: 18 to 18 | ||||||||
|---|---|---|---|---|---|---|---|---|
How can I as an IdP admin make sure an IdP member doesn't see sensitive attributes? | ||||||||
| Changed: | ||||||||
| < < |
For the sake of transparency in the Federation it would be favourable if there are only attributes released which the user is allowed to see. However, by not defining attributes in Autograph's AttributeInfoPoint?.xml configuration file it is not existent for Autograph. Therefore IdP members will never see it and its release status defined in the site Attribute Release Policy (ARP) will never be changed in a user ARP. | |||||||
| > > |
For the sake of transparency in the Federation it would be favourable if there are only attributes released which the user is allowed to see. However, by not defining attributes in Autograph's AttributeInfoPoint configuration file it is not existent for Autograph. Therefore IdP members will never see it and its release status defined in the site Attribute Release Policy (ARP) will never be changed in a user ARP. | |||||||
| -- MoritzTheile - 09 Mar 2006 | ||||||||
| ||||||||
| Added: | ||||||||
| > > |
<< to Autograph main page | |||||||
Frequently Asked Questions on AutographWhat is the basic functionality of Autograph? | ||||||||
Frequently Asked Questions on Autograph | ||||||||
| Changed: | ||||||||
| < < |
Who can use Autograph? | |||||||
| > > |
What is the basic functionality of Autograph? | |||||||
| Changed: | ||||||||
| < < |
All members of the Identity Provider who are able to use Services of the Federation are also able to use Autograph to control their privacy. | |||||||
| > > |
Members of the Identity Provider can configure Service Provider specific idCards. It is also possible for members to change values of attributes which were configured as writeable by the Idp admin.
What conditions have to be fullfilled in order to install and run Autograph?A Shibboleth Identity Provider has to be properly integrated in a Federation. Autograph is tested with 'shib-java Rel_1_3_FINAL_C'.What changes have to be made to the Service Provider installation to include Autograph in the Single Sign On profile?The only change is done in the application describtion file (web.xml). A servlet mapping is added so that a AutographRedirectionSwitch? servlet is interconnected between the ./shibboleth-idp/SSO URL and the IdPResponder servlet. When a http request hits ./shibboleth-idp/SSO the AutographRedirectionSwitch? decides if a redirect to Autograph should be made or if the request should be passed to the IdPResponder. (web.xml with changes)How can I as an IdP admin make sure an IdP member doesn't see sensitive attributes?For the sake of transparency in the Federation it would be favourable if there are only attributes released which the user is allowed to see. However, by not defining attributes in Autograph's AttributeInfoPoint?.xml configuration file it is not existent for Autograph. Therefore IdP members will never see it and its release status defined in the site Attribute Release Policy (ARP) will never be changed in a user ARP. | |||||||
| -- MoritzTheile - 09 Mar 2006 | ||||||||
| Line: 1 to 1 | ||||||||
|---|---|---|---|---|---|---|---|---|
| Added: | ||||||||
| > > |
Frequently Asked Questions on AutographWho can use Autograph?All members of the Identity Provider who are able to use Services of the Federation are also able to use Autograph to control their privacy. -- MoritzTheile - 09 Mar 2006 | |||||||