Changes

Page history
Update Configuration authored by Janne Lauros's avatar Janne Lauros
Show whitespace changes
Inline Side-by-side
Configuration.md
View page @ 1dc3e923
# Minimal Configuration - Personal Data # Minimal Configuration - Personal Data
At the bare minimum the plugin shows Personal Data - page for the user. For this you need to define the Profile Configuration to access the page and the attributes to show on it. At the bare minimum the plugin shows Personal Data - page for the user. For this you need to define the Profile Configuration to access the page and the attributes to show on it.
## USERPROFILE.SSO ## USERPROFILE.SSO - profile uri "http://geant.org/ns/profiles/userprofile/sso/browser"
For user to be authenticated and to be shown User Profile pages, the 'USERPROFILE.SSO' profile configuration has to be enabled by adding it to shibboleth.UnverifiedRelyingParty bean. For user to be authenticated and to be shown User Profile pages, the 'USERPROFILE.SSO' profile configuration has to be enabled by adding it to shibboleth.UnverifiedRelyingParty bean.
``` ```
...@@ -22,3 +22,8 @@ The configuration options are far less than with other SSO profiles as there is ...@@ -22,3 +22,8 @@ The configuration options are far less than with other SSO profiles as there is
| defaultAuthenticationMethods | List<Principal> | | Ordered list of Java Principals to be used to select appropriate login flow(s) to attempt. | | defaultAuthenticationMethods | List<Principal> | | Ordered list of Java Principals to be used to select appropriate login flow(s) to attempt. |
| postAuthenticationFlows | List<String> | | Ordered list of profile interceptor flows to run after successful authentication | | postAuthenticationFlows | List<String> | | Ordered list of profile interceptor flows to run after successful authentication |
| forceAuthn | Boolean | false | Disallows use (or reuse) of authentication results and login flows that don't provide a real-time proof of user presence in the login process | | forceAuthn | Boolean | false | Disallows use (or reuse) of authentication results and login flows that don't provide a real-time proof of user presence in the login process |
## Personal Data attributes
Personal Data page shows user attributes. The attributes that are resolved and shown are listed in 'userprofile.properties' - file property 'idp.userprofile.idpuserattributes' as comma separated list of attributes ids.
Depending on deployment and use case, it does not always make sense to use pre-existing attributes. If new attributes are defined they do not need filter rules or protocol specific encoding information. Attributes that are shown are not filtered.
\ No newline at end of file