RCTSaai
Page tree
Skip to end of metadata
Go to start of metadata

Serviços na Federação RCTSaai

 

 

Link do Serviço: http://educast.fccn.pt

EDUcast é um serviço de gestão de vídeo para registo e distribuição simples de conteúdos lectivos (aulas). O sistema central garante o pós-processamento necessário para que estes fiquem disponíveis aos alunos através da Internet.

 Instruções de Configuração do Fornecedor de Identidade

Atributos Necessários

O serviço EDUcast utiliza os seguintes atributos:

Obrigatórios

Configurações Software Shibboleth "Identity Provider"

relying-party.xml
<!-- EDUcast -->
<RelyingParty id="https://educast.fccn.pt" 
  provider="[EntityID do IDP shibboleth]" 
  defaultSigningCredentialRef="IdPCredential" >
  <ProfileConfiguration xsi:type="saml:SAML2SSOProfile" 
    encryptNameIds="conditional" />
</RelyingParty>
attribute-resolver.xml
<resolver:AttributeDefinition id="Givenname" xsi:type="Simple" 
  xmlns="urn:mace:shibboleth:2.0:resolver:ad" 
  sourceAttributeID="[Source no repositorio que possui o givenName]">
  <resolver:Dependency ref="[Connector ao repositorio de atributos]" />
  <resolver:AttributeEncoder xsi:type="SAML1String" 
    xmlns="urn:mace:shibboleth:2.0:attribute:encoder"
    name="urn:mace:dir:attribute-def:INETORGPERSON_GIVENNAME" />
  <resolver:AttributeEncoder xsi:type="SAML2String" 
    xmlns="urn:mace:shibboleth:2.0:attribute:encoder"
    name="urn:oid:2.5.4.42" friendlyName="INETORGPERSON_GIVENNAME" />
</resolver:AttributeDefinition>

<resolver:AttributeDefinition id="Surname" xsi:type="Simple" 
  xmlns="urn:mace:shibboleth:2.0:resolver:ad" 
  sourceAttributeID="="[Source no repositorio que possui o sn]">
  <resolver:Dependency ref="[Connector ao repositorio de atributos]"  />
  <resolver:AttributeEncoder xsi:type="SAML1String" 
    xmlns="urn:mace:shibboleth:2.0:attribute:encoder" 
    name="urn:mace:dir:attribute-def:PERSON_SURNAME" />
  <resolver:AttributeEncoder xsi:type="SAML2String" 
    xmlns="urn:mace:shibboleth:2.0:attribute:encoder" 
    name="urn:oid:2.5.4.4" friendlyName="PERSON_SURNAME" />
</resolver:AttributeDefinition>

<resolver:AttributeDefinition id="Mail" xsi:type="Simple" 
  xmlns="urn:mace:shibboleth:2.0:resolver:ad" 
  sourceAttributeID="[Source no repositorio que possui o mail]">
  <resolver:Dependency ref="[Connector ao repositorio de atributos]" />
  <resolver:AttributeEncoder xsi:type="SAML1String" 
  xmlns="urn:mace:shibboleth:2.0:attribute:encoder"
  name="urn:mace:dir:attribute-def:INETORGPERSON_MAIL" />
  <resolver:AttributeEncoder xsi:type="SAML2String" 
  xmlns="urn:mace:shibboleth:2.0:attribute:encoder" 
  name="urn:oid:0.9.2342.19200300.100.1.3" 
  friendlyName="INETORGPERSON_MAIL" />
</resolver:AttributeDefinition>

<resolver:AttributeDefinition id="Entidade" 
  xsi:type="Simple" xmlns="urn:mace:shibboleth:2.0:resolver:ad" 
  sourceAttributeID="[Source no repositorio que possui o atributo o]">
<resolver:Dependency ref="[identificador do DataConnector]" />
  <resolver:AttributeEncoder xsi:type="SAML1String" 
    xmlns="urn:mace:shibboleth:2.0:attribute:encoder" 
    name="urn:mace:dir:attribute-def:o"/>
  <resolver:AttributeEncoder xsi:type="SAML2String" 
    xmlns="urn:mace:shibboleth:2.0:attribute:encoder" 
    name="urn:oid:2.5.4.10" friendlyName="o" />
</resolver:AttributeDefinition>

<resolver:AttributeDefinition id="eduPersonPrimaryAffiliation" 
  xsi:type="Simple" xmlns="urn:mace:shibboleth:2.0:resolver:ad" 
  sourceAttributeID="[Source no repositorio que possui o PersonAffiliation]">
  <resolver:Dependency ref="[Connector ao repositorio de atributos]" />
  <resolver:AttributeEncoder xsi:type="SAML1String" 
    xmlns="urn:mace:shibboleth:2.0:attribute:encoder" 
    name="urn:mace:dir:attribute-def:eduPersonPrimaryAffiliation" />
  <resolver:AttributeEncoder xsi:type="SAML2String" 
    xmlns="urn:mace:shibboleth:2.0:attribute:encoder" 
    name="urn:oid:1.3.6.1.4.1.5923.1.1.1.5" 
    friendlyName="eduPersonPrimaryAffiliation" />
</resolver:AttributeDefinition>
 
<resolver:AttributeDefinition id="eduPersonPrincipalName" 
xsi:type="Scoped" xmlns="urn:mace:shibboleth:2.0:resolver:ad" scope="[domínio institucional]" sourceAttributeID="sAMAccountName">
    <resolver:Dependency ref="[Connector ao repositorio de atributos]" />
    <resolver:AttributeEncoder xsi:type="SAML1ScopedString" 
xmlns="urn:mace:shibboleth:2.0:attribute:encoder" name="urn:mace:dir:attribute-def:eduPersonPrincipalName" />
    <resolver:AttributeEncoder xsi:type="SAML2ScopedString" 
xmlns="urn:mace:shibboleth:2.0:attribute:encoder" name="urn:oid:1.3.6.1.4.1.5923.1.1.1.6" friendlyName="eduPersonPrincipalName" />
 </resolver:AttributeDefinition>
attribute-filter.xml
<!-- Atributos para o Servico EDUcast --> 
<AttributeFilterPolicy> 
<PolicyRequirementRule xsi:type="basic:AttributeRequesterString" value="https://educast.fccn.pt" /> 
<AttributeRule attributeID="Mail">
 <PermitValueRule xsi:type="basic:ANY" />
</AttributeRule> 
<AttributeRule attributeID="Givenname">
 <PermitValueRule xsi:type="basic:ANY" /> 
</AttributeRule> 
<AttributeRule attributeID="Surname">
 <PermitValueRule xsi:type="basic:ANY" /> 
</AttributeRule> <AttributeRule attributeID="Entidade">
 <PermitValueRule xsi:type="basic:ANY" /> 
</AttributeRule> 
<AttributeRule attributeID="eduPersonPrimaryAffiliation">
 <PermitValueRule xsi:type="basic:ANY" /> 
</AttributeRule>
<AttributeRule attributeID="eduPersonPrincipalName">
  <PermitValueRule xsi:type="basic:ANY" />
</AttributeRule>
</AttributeFilterPolicy>


 

  • No labels