New Shibboleth-Enabled EDINA Service
Posted on Friday, 4 July 2008
The EDINA agcensus service provides online access to data derived from the Agricultural Censuses for England, Scotland and Wales giving realistic estimates of what was produced, how much was produced and where it was produced.
| Org. | Service | Shib. | Attribute | Notes | Required |
|---|---|---|---|---|---|
| EDINA | agcensus | Shibboleth 1.3 | eduPersonScopedAffiliation | 1 | Yes |
WAYFless URL: https://sp.edina.ac.uk/agcensus/Shibboleth.sso/WAYF/UKFederation?providerId=xxx
(where xxx is the entity ID of your organisation's IdP)
Please note that WAYFless URLs cannot be guaranteed to remain unchanged over time.
Note:
1. The only attribute that an identity provider must release for its users to be able to access many services that are licensed for use by everyone at a particular organisation is eduPersonScopedAffiliation. This is a scoped attribute, which might, for example, have the value "member" in scope "uni.ac.uk", often written as:
It is used for the basic authorisation decision: does uni.ac.uk subscribe to the service in question? If so, the user is allowed access. The service provider will maintain its own list of which organisations (scopes) can access its service. For allowed organisations, the federation's Technical Recommendations for Participants indicate that, in HE/FE, users with scoped affilitation values from the set {member, student, staff, faculty, employee} are typically authorised to access content licensed on the basis of the JISC Model Licence, while {affiliate, alum} are not.
An identity provider can generate eduPersonScopedAffiliation automatically (without an attribute store) by setting the required scope in resolver.xml, as described in SetupIdP.