[Tf-aai] check CPH SAML metadata
Mitchell Seaton
seaton at hum.ku.dk
Thu Apr 6 14:27:27 CEST 2017
Great! Thanks for your help!
Regards,
Mitch
On 04/06/2017 07:48 PM, André Moreira wrote:
> Dear all,
>
> The CoCo Entity Category has now been added to the metadata feeds of both DFN-AAI and eduGAIN.
>
> Hope this helps.
> Regards,
> André
>
>> On 3 Apr 2017, at 14:54, André Moreira <andre at clarin.eu> wrote:
>>
>> Hi Jozef and all,
>>
>> I could not follow the whole conversation so I can’t say anything about the original problem.
>>
>> As about the missing CoCo attribute in the DFN and eduGAIN versions of the metadata, it turns out that DFN is removing the CoCo SAML attribute because according to them: the document referenced by the “PrivacyStatementURL” attribute does not contain a link to http://www.geant.net/uri/dataprotection-code-of-conduct/v1 (as mandated by the guidelines). I have checked this document and I see that this link is in fact there so I just requested DFN to reinsert the missing CoCo attribute.
>>
>> I hope this helps to clarify what’s going on.
>>
>> Kind regards,
>> ----
>> André Moreira
>> CLARIN ERIC
>> https://www.clarin.eu
>>
>>> On 3 Apr 2017, at 08:33, Jozef Misutka <misutka at ufal.mff.cuni.cz> wrote:
>>>
>>>
>>>
>>> On 3 April 2017 at 04:19, Mitchell Seaton <seaton at hum.ku.dk> wrote:
>>> Dear AAI-TF,
>>>
>>> On 04/01/2017 02:04 AM, Jozef Misutka wrote:
>>>>
>>>> On 31 March 2017 at 16:49, Daan Broeder <daan.broeder at meertens.knaw.nl> wrote:
>>>> Dear AAI-TF
>>>> Could you please check if the CPH centre SAML metadata has a valid link to a privacy policy statement.
>>> Yes, the privacy link is valid.
>>>> Yes.
>>>>
>>>>
>>>> But it does not have a CoCo conforming saml:AttributeValue, see
>>>> http://monitor.edugain.org/coc/?show=list_sps
>>>> entityId -> https://infra.clarin.dk/shibboleth
>>> This is incorrect the necessary entity SAML attributes are there in the metadata - see https://infra.clarin.eu/aai/prod_md_about_spf_sps.xml
>>>
>>> <saml:Attribute Name="http://macedir.org/entity-category" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri">
>>> <saml:AttributeValue> http://www.geant.net/uri/dataprotection-code-of-conduct/v1 </saml:AttributeValue>
>>> </saml:Attribute>
>>>
>>>> To see real xml metadata from various federations, see
>>>> https://met.refeds.org/met/entity/https%253A%252F%252Finfra.clarin.dk%252Fshibboleth/
>>>>
>>> To me the problem seems to be AAI-DFN as the register - is using different SP metadata.
>>> Does someone know what is going on here with AAI-DFN?
>>>
>>> CCing SPF, can you find out why the following differ for infra.clarin.dk?
>>>
>>> Metadata from DFN
>>> https://met.refeds.org/met/entity/https%3A//infra.clarin.dk/shibboleth/?viewxml=true&federation=dfn-aai
>>> and infra.clarin.dk metadata from SPF
>>> https://infra.clarin.eu/aai/prod_md_about_spf_sps.xml
>>>
>>> Thank you,
>>> Jozef
>>>
>>>
>>>
>>>
>>> SP metadata is updated and valid within CLARIN SPF - pushed to eduGAIN and WAYF is currently pulling from eduGAIN as of this year.
>>>
>>>> Best,
>>>> Jozef
>>>>
>>>> Please send me a copy of the metadata.
>>>>
>>>> Thanks,
>>>> Daan
>>>>
>>>> Daan Broeder
>>>> Tel. +31 20 4628625
>>>> Daan.broeder at meertens.knaw.nl
>>>> Meertens Instituut (Afdeling Technische Ontwikkeling)
>>>> Oudezijds Achterburgwal 185
>>>> 1012 DK Amsterdam
>>>>
>>>> Postbus 10855
>>>> 1001 EW Amsterdam
>>>> ----
>>>>
>>>>
>>>> _______________________________________________
>>>> Tf-aai mailing list
>>>> Tf-aai at lists.clarin.eu
>>>> https://lists.clarin.eu/cgi-bin/mailman/listinfo/tf-aai
>>>>
>>>>
>>>
More information about the Tf-aai
mailing list