547
szerkesztés
Módosítások
nincs szerkesztési összefoglaló
== Download and support ==
You can download the module from [https://www.aai.niif.hu/sites/aaissp-attributes here].niifThe module is in beta stage, it needs broader community review.hu/files/edugain-module-rev27It is not yet recommended for production environments.tgz here]
If you have any questions regarding the module, please write to '''aai _aT_ niif _dOt hu''.
== Compatibility ==
== Configuration file ==
The simpleSAMLphp eduGAIN module reads the eduGAIN XML configuration format and transforms it into php arrays using XSL transformation. The submodules (''edugain:SplitMerge'' and ''edugain:Filter'') are configured automatically by the edugain:Attributes class.
PHP configuration interface for these filters are not supported at the moment and may be subject to change, so please use the XML configuration.
== Differences between the Java and the PHP implementations ==
* There is no '''CustomRule''' for attribute conversion (yet!). We are working on itOne can use simpleSAMLphp authentication processing filter API to implement arbitrary conversion rules.
* '''LocalProvider''' matching is unsupported in simpleSAMLphp. Unfortunately when simpleSAMLphp is in bridging mode (using the SP module to protect an IdP), the IdP processing filters do not see the peer entity of the SP module. However, you can achieve the correct behavior by putting one ''edugain:Attributes'' processing filter in the SP configuration and use '''RemoteProvider''' matches to filter and convert attributes there.
* You don't need to use a separate attribute name mapper, because simpleSAMLphp contains built-in '''name2oid''','''oid2name''', '''name2urn''' and '''urn2name''' methods, which provide the same functionality.
* Regular expressions are somewhat different in PHP. The eduGAIN module uses perl-compatible regular expressions (see [http://hu.php.net/manual/en/function.preg-match.php preg_match documentation] for details). Plus, the reading of the configuration involves ''eval'', and thus it swallows the escaping characters. So if one wants to escape something in their regular expressions, double-escaping is needed (eg. 'foo\\.bar' instead of 'foo\.bar').{{TODO_EN|Double escaping sucks. We are looking for solutions to circumvent this limitation}}[[Kategória: AAI]][[Kategória: english]][[Kategória: simplesamlphp]]
