Hints for Identity Providers (IdP)¶
How to join Helmholtz AAI as an IdP¶
Helmholtz AAI supports all IdPs from eduGAIN.
In order to collaborate and join as an identity provider, please join your national federation and participate eduGAIN.
The mandatory information about the attributes consumed by the Helmholtz AAI, besides the federation metadata, are documented here in the attributes section.
Configuration of Shibboleth 4 IdP for Attribute Query¶
This information is preliminary. The documentation will be completed as soon as possible.
This is a collection of configuration files technically needed for Attribute Query response in Shibboleth 4.
For general Shibboleth configuration, see also DFN Documentation .
Specifics for Shibboleth 4¶
- Exemplary configuration files are deposited below.
schacUserStatus.propertiesmust be located in
- Implementation of
attribute-resolver.xmlis based on Active Directory as LDAP-Backend and uses the UserAccountControl attribute. This needs to be handled differently when using OpenLDAP! (See example
attribute-resolver.xmlin DFN Documentation.)
- There is an example for a CERN Login in
relying-party.xml, maybe it helps for understanding.
If you have further questions, please contact firstname.lastname@example.org.