Versions Compared

Old Version 24

changes.mady.by.user Ian Young

Saved on

compared with

New Version 25

changes.mady.by.user Scott Cantor

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.
Table of Contents
minLevel2

Information about Project Access

...

The issue tracking service (https://issues.shibboleth.net) provides a place to view and track bugs, tasks, and feature/improvement requests for the Shibboleth software. We are in the midst of a transition from the old hosted instance (https://issues.shibboleth.net) to the cloud instance (https://shibboleth.atlassian.net/jira). We are currently migrating projects to the cloud in small batches while testing features. See below for conversion status.

All issue descriptions and comments within the issue tracking service are licensed under the Creative Commons Attribute-ShareAlike 3.0 Unported (CC BY-SA 3.0) license.

All code/patches submitted to the issue tracking service are licensed under the Apache License, version 2 and contributed to the Shibboleth project per the terms set out in the Internet2 Intellectual Property Framework.The system is still (temporarily, pending the move to the cloud) SAML-enabled by the project’s Contribution Policy.

Migrated Projects

The following projects have been migrated to the cloud platform and are no longer officially available via the old site. Some older URLs may continue to function until the conversion is closer to complete across the board.

  • OpenSAML-Java V1

  • OpenSAML-C++ V1

All other projects, including the member support services, remain at their original locations.

Federated Access

The older hosted platform is SAML-enabled, and users wishing to post, comment on, or be informed of changes to data will need to log in via an acceptable IdP. The IdP must release:

  • a required unique identifier for the user (see below)

  • displayName if the user wishes to have a human-readable name suitable for display or search

  • mail if the user wishes to receive notifications (e.g., changes in issue status or updates to wiki pages) via email

Note that users may modify their profile name or email address, but it will be reset to an IdP-supplied value each time they login.

...

The precise set of SAML 1.1 attributes supported is:

  • urn:mace:dir:attribute-def:eduPersonPrincipalName (preferred)

  • urn:oasis:names:tc:SAML:attribute:subject-id (SAML Subject ID, new proposed standard, preferred)

  • urn:oasis:names:tc:SAML:attribute:pairwise-id (SAML Pairwise ID, new proposed standard, discouraged)

  • urn:oid:1.3.6.1.4.1.5923.1.1.1.10 (targetedID as SAML attribute, strongly discouraged)

  • urn:mace:dir:attribute-def:displayName (preferred)

  • urn:mace:dir:attribute-def:cn

  • urn:mace:dir:attribute-def:mail

For SAML 2.0:

  • urn:oid:1.3.6.1.4.1.5923.1.1.1.6 (EPPN, preferred)

  • urn:oasis:names:tc:SAML:attribute:subject-id (SAML Subject ID, new proposed standard, preferred)

  • urn:oasis:names:tc:SAML:attribute:pairwise-id (SAML Pairwise ID, new proposed standard, discouraged)

  • urn:oasis:names:tc:SAML:2.0:nameid-format:persistent (targetedID as NameID, strongly discouraged)

  • urn:oid:1.3.6.1.4.1.5923.1.1.1.10 (targetedID as SAML attribute, strongly discouraged)

  • urn:oid:2.16.840.1.113730.3.1.241 (displayName, preferred)

  • urn:oid:2.5.4.3 (cn)

  • urn:oid:0.9.2342.19200300.100.1.3 (mail)