Page tree
Skip to end of metadata
Go to start of metadata

Serviços na Federação RCTSaai

 

 


Link do Serviço: http://recorder.educast.fccn.pt

EDUcast é um serviço de gestão de vídeo para registo e distribuição simples de conteúdos lectivos (aulas). O sistema central garante o pós-processamento necessário para que estes fiquem disponíveis aos alunos através da Internet.

 Instruções de Configuração do Fornecedor de Identidade

Atributos Necessários

O serviço Recorder EDUcast utiliza os seguintes atributos:

Obrigatórios

Configurações Software Shibboleth "Identity Provider"

relying-party.xml
<!-- Recorder Educast -->
  <rp:RelyingParty id="https://recorder.educast.fccn.pt/simplesamlphp" provider=“[entityID do IDP da sua instituição]" defaultSigningCredentialRef="IdPCredential" >
    <rp:ProfileConfiguration xsi:type="saml:SAML2SSOProfile" encryptNameIds="never" />
  </rp:RelyingParty>
attribute-resolver.xml
<resolver:AttributeDefinition id="Givenname" xsi:type="Simple" 
  xmlns="urn:mace:shibboleth:2.0:resolver:ad" 
  sourceAttributeID="[Source no repositorio que possui o givenName]">
  <resolver:Dependency ref="[Connector ao repositorio de atributos]" />
  <resolver:AttributeEncoder xsi:type="SAML1String" 
    xmlns="urn:mace:shibboleth:2.0:attribute:encoder"
    name="urn:mace:dir:attribute-def:INETORGPERSON_GIVENNAME" />
  <resolver:AttributeEncoder xsi:type="SAML2String" 
    xmlns="urn:mace:shibboleth:2.0:attribute:encoder"
    name="urn:oid:2.5.4.42" friendlyName="INETORGPERSON_GIVENNAME" />
</resolver:AttributeDefinition>

<resolver:AttributeDefinition id="displayName" xsi:type="Simple" 
  xmlns="urn:mace:shibboleth:2.0:resolver:ad" 
  sourceAttributeID="="[Source no repositorio que possui o sn]">
  <resolver:Dependency ref="[Connector ao repositorio de atributos]"  />
  <resolver:AttributeEncoder xsi:type="SAML1String" 
    xmlns="urn:mace:shibboleth:2.0:attribute:encoder" 
    name="urn:mace:dir:attribute-def:PERSON_SURNAME" />
  <resolver:AttributeEncoder xsi:type="SAML2String" 
    xmlns="urn:mace:shibboleth:2.0:attribute:encoder" 
    name="urn:oid:2.5.4.4" friendlyName="PERSON_SURNAME" />
</resolver:AttributeDefinition>

<resolver:AttributeDefinition id="Mail" xsi:type="Simple" 
  xmlns="urn:mace:shibboleth:2.0:resolver:ad" 
  sourceAttributeID="[Source no repositorio que possui o mail]">
  <resolver:Dependency ref="[Connector ao repositorio de atributos]" />
  <resolver:AttributeEncoder xsi:type="SAML1String" 
  xmlns="urn:mace:shibboleth:2.0:attribute:encoder"
  name="urn:mace:dir:attribute-def:INETORGPERSON_MAIL" />
  <resolver:AttributeEncoder xsi:type="SAML2String" 
  xmlns="urn:mace:shibboleth:2.0:attribute:encoder" 
  name="urn:oid:0.9.2342.19200300.100.1.3" 
  friendlyName="INETORGPERSON_MAIL" />
</resolver:AttributeDefinition>

<resolver:AttributeDefinition id="Entidade" 
  xsi:type="Simple" xmlns="urn:mace:shibboleth:2.0:resolver:ad" 
  sourceAttributeID="[Source no repositorio que possui o atributo o]">
<resolver:Dependency ref="[identificador do DataConnector]" />
  <resolver:AttributeEncoder xsi:type="SAML1String" 
    xmlns="urn:mace:shibboleth:2.0:attribute:encoder" 
    name="urn:mace:dir:attribute-def:o"/>
  <resolver:AttributeEncoder xsi:type="SAML2String" 
    xmlns="urn:mace:shibboleth:2.0:attribute:encoder" 
    name="urn:oid:2.5.4.10" friendlyName="o" />
</resolver:AttributeDefinition>

<resolver:AttributeDefinition id="eduPersonPrimaryAffiliation" 
  xsi:type="Simple" xmlns="urn:mace:shibboleth:2.0:resolver:ad" 
  sourceAttributeID="[Source no repositorio que possui o PersonAffiliation]">
  <resolver:Dependency ref="[Connector ao repositorio de atributos]" />
  <resolver:AttributeEncoder xsi:type="SAML1String" 
    xmlns="urn:mace:shibboleth:2.0:attribute:encoder" 
    name="urn:mace:dir:attribute-def:eduPersonPrimaryAffiliation" />
  <resolver:AttributeEncoder xsi:type="SAML2String" 
    xmlns="urn:mace:shibboleth:2.0:attribute:encoder" 
    name="urn:oid:1.3.6.1.4.1.5923.1.1.1.5" 
    friendlyName="eduPersonPrimaryAffiliation" />
</resolver:AttributeDefinition>
 
<resolver:AttributeDefinition id="eduPersonPrincipalName" 
xsi:type="Scoped" xmlns="urn:mace:shibboleth:2.0:resolver:ad" scope="[domínio institucional]" sourceAttributeID="sAMAccountName">
  <resolver:Dependency ref="[Connector ao repositorio de atributos]" />
  <resolver:AttributeEncoder xsi:type="SAML1ScopedString" 
xmlns="urn:mace:shibboleth:2.0:attribute:encoder" name="urn:mace:dir:attribute-def:eduPersonPrincipalName" />
  <resolver:AttributeEncoder xsi:type="SAML2ScopedString" 
xmlns="urn:mace:shibboleth:2.0:attribute:encoder" name="urn:oid:1.3.6.1.4.1.5923.1.1.1.6" friendlyName="eduPersonPrincipalName" /> </resolver:AttributeDefinition>
attribute-filter.xml
<afp:AttributeFilterPolicy>
 <afp:PolicyRequirementRule xsi:type="basic:AttributeRequesterString" value="https://recorder.educast.fccn.pt" />

  <afp:AttributeRule attributeID="transientId">
    <afp:PermitValueRule xsi:type="basic:ANY" />
  </afp:AttributeRule>

  <afp:AttributeRule attributeID="Givenname">
    <afp:PermitValueRule xsi:type="basic:ANY" />
  </afp:AttributeRule>

  <afp:AttributeRule attributeID="displayName">
    <afp:PermitValueRule xsi:type="basic:ANY" />
  </afp:AttributeRule>

  <afp:AttributeRule attributeID="Mail">
    <afp:PermitValueRule xsi:type="basic:ANY" />
  </afp:AttributeRule>

  <afp:AttributeRule attributeID="eduPersonPrimaryAffiliation">
    <afp:PermitValueRule xsi:type="basic:ANY" />
  </afp:AttributeRule>

  <afp:AttributeRule attributeID="Entidade">
    <afp:PermitValueRule xsi:type="basic:ANY" />
  </afp:AttributeRule>

  <afp:AttributeRule attributeID="CommonName">
    <afp:PermitValueRule xsi:type="basic:ANY" />
  </afp:AttributeRule>
</afp:AttributeFilterPolicy>


 

  • No labels