Magic Studio from Lexara Ltd
Page last modified on 02 March 2010, at 11:56 AM (initially posted on 30 April 2009)
Magic Studio offers schools great interactive resources, education content and simple easy-to-use tools to customise resources.
It integrates with Learning Platforms and is designed to support busy teachers and web-savvy pupils alike.
| Org. | Service | Attribute | Notes | Required |
|---|---|---|---|---|
| Lexara Ltd | Magic Studio | eduPersonScopedAffiliation eduPersonPrincipalName eduPersonNickname displayName cn sn givenName l o | 1 5 5 5 5 5 5 5 5 | Yes Yes No No No No No No No No |
The scoped affiliation provided by the eduPersonScopedAffilation ensures that educational users can get access to Magic Studio content appropriate for their local authority and school.
eduPersonNickname, displayName, cn, sn, givenName, mail, l, o are used to personalise the user's experience. In the absence of these attributes the user will be referred to by eduPersonPrincipalName.
Notes:
1. The only attribute that an identity provider must release for its users to be able to access many services that are licensed for use by everyone at a particular organisation is eduPersonScopedAffiliation. This is a scoped attribute, which might, for example, have the value "member" in scope "uni.ac.uk", often written as:
It is used for the basic authorisation decision: does uni.ac.uk subscribe to the service in question? If so, the user is allowed access. The service provider will maintain its own list of which organisations (scopes) can access its service. For allowed organisations, the federation's Technical Recommendations for Participants indicate that, in HE/FE, users with scoped affiliation values from the set {member, student, staff, faculty, employee} are typically authorised to access content licensed on the basis of the JISC Model Licence, while {affiliate, alum} are not.
While a Shibboleth identity provider can generate eduPersonScopedAffiliation statically by setting the required value in attribute-resolver.xml, this should only be done when it is known that all users are authorised. Otherwise, the value can be picked up from your LDAP / Active Directory as described on the IdP setup page.
Users of other IdP software should check their documentation.
5. Some services can make use of optional attributes if an identity provider offers them. For example, MIMAS Landmap and EDINA Digimap make use of the user's given name (givenName), surname (sn) and organisational unit (ou, treated as a Department name), if present. (Digimap uses these attributes, if present, to populate its initial online user registration form, not for ordinary logins). If such optional attributes are not supplied by the Identity Provider, the service may require the user to enter the same information manually, and these entries may need to be manually checked by the operator of the service.