Versions Compared

Old Version 6

changes.mady.by.user Scott Cantor

Saved on

compared with

New Version 7

changes.mady.by.user Takeshi Nishimura

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.
Comment: typo: general-auth.xml to general-authn.xml

...

The beans defined in authn/ipaddress-authn-config.xml follow:

Bean IDTypeDefaultFunction
shibboleth.authn.IPAddress.MappingsMap<String,List<IPRange>>Empty MapThe entry values are a list of CIDR address range strings to map to the username in the entry key
shibboleth.authn.IPAddress.TransformsList<Pair<String,String>>
 

Pairs of regular expressions and replacement expressions to apply to the username
shibboleth.authn.IPAddress.resultCachingPredicate

Predicate<ProfileRequestContext>

 


An optional bean that can be defined to control whether to preserve the authentication result in an IdP session
shibboleth.authn.IPAddress.addDefaultPrincipals3.2BooleantrueWhether to add the content of the supportedPrincipals property of the underlying flow descriptor to the resulting Subject

V2 Compatibility

The authn/IPAddress login flow is the replacement for the 2.x IPAddress login handler. Configuration of address range mappings in handler.xml need to be ported into conf/authn/ipaddress-authn-config.xml.

Note that SAML 1 does not define an AuthenticationMethod constant for this kind of authentication, so only a SAML 2 AuthnContextClassRef is defined in conf/authn/general-authauthn.xml. An "unspecified" method constant will be used with SAML 1 unless configured otherwise.

...