565
szerkesztés
Módosítások
→Allowing and denying attributes
=== Concepts ===
=== Allowing and denying attributes ===
<source lang="xml">
<?xml version="1.0" encoding="UTF-8"?>
<AttributeFilter xmlns='urn:geant:edugain:attribute-mangling:1.0'
xmlns:xsi='http://www.w3.org/2001/XMLSchema-instance'
xsi:schemaLocation='urn:geant:edugain:attribute-mangling:1.0 AttributeMangling.xsd'>
<FilterRule>
<Description>Unconditional allowing and denying. The main rule is to deny ALL attributes.</Description>
<AllowAttribute attributeName="mail" />
<AllowAttribute attributeName="cn" />
<AllowAttribute attributeName="eppn" />
<DenyAttribute attributeName="userPassword" />
<DenyAttribute attributeName="uid" />
<DenyAttribute attributeName="homeOrganization" />
</FilterRule>
<FilterRule>
<Description>Use conditions - allow only specific attribute values</Description>
<Condition>
<LocalProviderMatch>^urn:.*\.hu$</LocalProviderMatch>
</Condition>
<AllowAttribute attributeNme="eduPersonScopedEntitlement">
<AttributeValue>^.*@.*\.hu$</AttributeValue>
</AllowAttribute>
</FilterRule>
<FilterRule>
<Description>Use conditions - reference any attribute</Description>
<Condition>
<AttributeMatch attributeName="homeOrganization">niif.hu</AttributeMatch>
</Condition>
<AllowAttribute attributeName="eduPersonScopedEntitlement">
<AttributeValue>^.*@niif\.hu$</AttributeValue>
</AllowAttribute>
</FilterRule>
</AttributeFilter>
</source>
=== Using conditions ===