[prev in list] [next in list] [prev in thread] [next in thread]
List: shibboleth-users
Subject: RE: edupersonAffiliation attribute fields
From: "Curry, Warren" <whcurry () ufl ! edu>
Date: 2012-10-25 22:04:47
Message-ID: A1662A4C21C69D43B65DDDAD045D4CAF4AA243ED () UFEXCH-MBXN04 ! ad ! ufl ! edu
[Download RAW message or body]
Well you can create eduPerson Scoped affiliation values..example might be..=
. faculty@ufl.edu<mailto:faculty@ufl.edu> vs faculty@ec.ufl.edu<mailto=
:faculty@ec.ufl.edu> this could differentiate different campuses for examp=
le.
At UF we have a large number of internal UF affiliations not eduPerson sche=
ma attributes. We do at times use these with a n SP that is off campus. =
Although not our preferred or normal practice.
I am not sure if this helps. You can see more about UF affiliations at htt=
p://identity.it.ufl.edu/identity-coordination/uf-directory-affiliations/ide=
ntity-registry-affiliations/
Warren H. Curry
UFIT - Identity Access Management
PO Box 113359, 2008 NE Waldo Rd
352-273-1383
Have a great day!!!
From: users-bounces@shibboleth.net [mailto:users-bounces@shibboleth.net] On=
Behalf Of Morris, Andi
Sent: Thursday, October 25, 2012 11:32 AM
To: users@shibboleth.net
Subject: edupersonAffiliation attribute fields
Hi all,
Just a quick one and hopefully an easy one for the more experienced Shibbol=
eth admins than myself. Currently we assign edupersonaffiliation attribute=
s dependent on AD Organisational Unit name, but I've been requested to spli=
t these users up further to separate affiliate members, and UK Affiliate me=
mbers to allow differing access to resources.
I could just tag one of them 'employee' or similar, but I don't want to sta=
rt assigning these fields to arbitrarily in case we start using Shibboleth =
more extensively in the future and require these attributes to be used else=
where.
Is there scope for adding more edupersonaffiliation attributes than the sta=
ndard?
* member
* student
* employee
* faculty
* staff
* alum
* affiliate
Cheers,
Andi
---------------------------------------------------------------
Andi Morris
Technical Security Analyst
Systems and Communications Services
Information Services Division
Cardiff Metropolitan University
Cardiff
Wales
CF5 2YB
02920 205720
--------------------------------------------------------------
________________________________
>From 1st November 2011 UWIC changed its title to Cardiff Metropolitan Univ=
ersity. From the 6th December 2011, as part of this change, all email addre=
sses which included @uwic.ac.uk have changed to @cardiffmet.ac.uk. All emai=
ls sent from Cardiff Metropolitan University will now be sent from the new =
@cardiffmet.ac.uk address. Please could you ensure that all of your contact=
records and databases are updated to reflect this change. Further informat=
ion can be found on the website here.<http://www3.uwic.ac.uk/English/News/P=
ages/UWIC-Name-Change.aspx>
Ar Dachwedd y 1af 2011 newidiodd UWIC ei henw i Brifysgol Fetropolitan Caer=
dydd. O Ragfyr 6ed, fel rhan o'r newid yma, bydd pob cyfeiriad e-bost sy'n =
cynnwys @uwic.ac.uk yn newid i @cardiffmet.ac.uk. Bydd yr holl ebyst a ddan=
fonir o Brifysgol Fetropolitan Caerdydd yn cael eu danfon o'r cyfeiriad @ca=
rdiffmet.ac.uk newydd. Gwnewch yn siwr eich bod yn diweddaru eich cofnodion=
cyswllt a'ch cronfeydd data i adlewyrchu hyn. Gellir cael rhagor o wybodae=
th ar y wefan yma.<http://www3.uwic.ac.uk/English/News/Pages/UWIC-Name-Chan=
ge.aspx>
[Attachment #3 (text/html)]
<html xmlns:v="urn:schemas-microsoft-com:vml" \
xmlns:o="urn:schemas-microsoft-com:office:office" \
xmlns:w="urn:schemas-microsoft-com:office:word" \
xmlns:m="http://schemas.microsoft.com/office/2004/12/omml" \
xmlns="http://www.w3.org/TR/REC-html40"> <head>
<meta http-equiv="Content-Type" content="text/html; charset=us-ascii">
<meta name="Generator" content="Microsoft Word 14 (filtered medium)">
<!--[if !mso]><style>v\:* {behavior:url(#default#VML);}
o\:* {behavior:url(#default#VML);}
w\:* {behavior:url(#default#VML);}
.shape {behavior:url(#default#VML);}
</style><![endif]--><style><!--
/* Font Definitions */
@font-face
{font-family:Calibri;
panose-1:2 15 5 2 2 2 4 3 2 4;}
@font-face
{font-family:Tahoma;
panose-1:2 11 6 4 3 5 4 4 2 4;}
@font-face
{font-family:Verdana;
panose-1:2 11 6 4 3 5 4 4 2 4;}
/* Style Definitions */
p.MsoNormal, li.MsoNormal, div.MsoNormal
{margin:0in;
margin-bottom:.0001pt;
font-size:11.0pt;
font-family:"Calibri","sans-serif";}
a:link, span.MsoHyperlink
{mso-style-priority:99;
color:blue;
text-decoration:underline;}
a:visited, span.MsoHyperlinkFollowed
{mso-style-priority:99;
color:purple;
text-decoration:underline;}
p.msochpdefault, li.msochpdefault, div.msochpdefault
{mso-style-name:msochpdefault;
mso-margin-top-alt:auto;
margin-right:0in;
mso-margin-bottom-alt:auto;
margin-left:0in;
font-size:12.0pt;
font-family:"Calibri","sans-serif";}
span.emailstyle17
{mso-style-name:emailstyle17;
font-family:"Calibri","sans-serif";
color:windowtext;}
span.EmailStyle19
{mso-style-type:personal-reply;
font-family:"Calibri","sans-serif";
color:#1F497D;}
.MsoChpDefault
{mso-style-type:export-only;
font-size:10.0pt;
font-family:"Calibri","sans-serif";}
@page WordSection1
{size:8.5in 11.0in;
margin:1.0in 1.0in 1.0in 1.0in;}
div.WordSection1
{page:WordSection1;}
/* List Definitions */
@list l0
{mso-list-id:168755661;
mso-list-template-ids:2052729500;}
@list l0:level1
{mso-level-number-format:bullet;
mso-level-text:\F0B7;
mso-level-tab-stop:.5in;
mso-level-number-position:left;
text-indent:-.25in;
mso-ansi-font-size:10.0pt;
font-family:Symbol;}
@list l0:level2
{mso-level-number-format:bullet;
mso-level-text:\F0B7;
mso-level-tab-stop:1.0in;
mso-level-number-position:left;
text-indent:-.25in;
mso-ansi-font-size:10.0pt;
font-family:Symbol;}
@list l0:level3
{mso-level-number-format:bullet;
mso-level-text:\F0B7;
mso-level-tab-stop:1.5in;
mso-level-number-position:left;
text-indent:-.25in;
mso-ansi-font-size:10.0pt;
font-family:Symbol;}
@list l0:level4
{mso-level-number-format:bullet;
mso-level-text:\F0B7;
mso-level-tab-stop:2.0in;
mso-level-number-position:left;
text-indent:-.25in;
mso-ansi-font-size:10.0pt;
font-family:Symbol;}
@list l0:level5
{mso-level-number-format:bullet;
mso-level-text:\F0B7;
mso-level-tab-stop:2.5in;
mso-level-number-position:left;
text-indent:-.25in;
mso-ansi-font-size:10.0pt;
font-family:Symbol;}
@list l0:level6
{mso-level-number-format:bullet;
mso-level-text:\F0B7;
mso-level-tab-stop:3.0in;
mso-level-number-position:left;
text-indent:-.25in;
mso-ansi-font-size:10.0pt;
font-family:Symbol;}
@list l0:level7
{mso-level-number-format:bullet;
mso-level-text:\F0B7;
mso-level-tab-stop:3.5in;
mso-level-number-position:left;
text-indent:-.25in;
mso-ansi-font-size:10.0pt;
font-family:Symbol;}
@list l0:level8
{mso-level-number-format:bullet;
mso-level-text:\F0B7;
mso-level-tab-stop:4.0in;
mso-level-number-position:left;
text-indent:-.25in;
mso-ansi-font-size:10.0pt;
font-family:Symbol;}
@list l0:level9
{mso-level-number-format:bullet;
mso-level-text:\F0B7;
mso-level-tab-stop:4.5in;
mso-level-number-position:left;
text-indent:-.25in;
mso-ansi-font-size:10.0pt;
font-family:Symbol;}
ol
{margin-bottom:0in;}
ul
{margin-bottom:0in;}
--></style><!--[if gte mso 9]><xml>
<o:shapedefaults v:ext="edit" spidmax="1026" />
</xml><![endif]--><!--[if gte mso 9]><xml>
<o:shapelayout v:ext="edit">
<o:idmap v:ext="edit" data="1" />
</o:shapelayout></xml><![endif]-->
</head>
<body lang="EN-US" link="blue" vlink="purple">
<div class="WordSection1">
<p class="MsoNormal"><span style="color:#1F497D">Well you can create eduPerson Scoped \
affiliation values..example might be… <a \
href="mailto:faculty@ufl.edu">faculty@ufl.edu</a> vs <a \
href="mailto:faculty@ec.ufl.edu">faculty@ec.ufl.edu</a> this could \
differentiate different campuses for example. <o:p></o:p></span></p>
<p class="MsoNormal"><span style="color:#1F497D"><o:p> </o:p></span></p>
<p class="MsoNormal"><span style="color:#1F497D">At UF we have a large number of \
internal UF affiliations not eduPerson schema attributes. We do at times \
use these with a n SP that is off campus. Although not our preferred or normal \
practice. <o:p></o:p></span></p>
<p class="MsoNormal"><span style="color:#1F497D"><o:p> </o:p></span></p>
<p class="MsoNormal"><span style="color:#1F497D">I am not sure if this helps. \
You can see more about UF affiliations at \
http://identity.it.ufl.edu/identity-coordination/uf-directory-affiliations/identity-registry-affiliations/<o:p></o:p></span></p>
<p class="MsoNormal"><span style="color:#1F497D"><o:p> </o:p></span></p>
<div>
<p class="MsoNormal"><span style="color:#1F497D">Warren H. \
Curry<o:p></o:p></span></p> <p class="MsoNormal"><span style="color:#1F497D">UFIT \
– Identity Access Management<o:p></o:p></span></p> <p class="MsoNormal"><span \
style="color:#1F497D">PO Box 113359, 2008 NE Waldo Rd<o:p></o:p></span></p> <p \
class="MsoNormal"><span style="color:#1F497D">352-273-1383 <o:p></o:p></span></p> <p \
class="MsoNormal"><span style="color:#1F497D"><o:p> </o:p></span></p> <p \
class="MsoNormal"><span style="color:#1F497D">Have a great \
day!!!<o:p></o:p></span></p> </div>
<p class="MsoNormal"><span style="color:#1F497D"><o:p> </o:p></span></p>
<div>
<div style="border:none;border-top:solid #B5C4DF 1.0pt;padding:3.0pt 0in 0in 0in">
<p class="MsoNormal"><b><span \
style="font-size:10.0pt;font-family:"Tahoma","sans-serif"">From:</span></b><span \
style="font-size:10.0pt;font-family:"Tahoma","sans-serif""> \
users-bounces@shibboleth.net [mailto:users-bounces@shibboleth.net] <b>On Behalf Of \
</b>Morris, Andi<br> <b>Sent:</b> Thursday, October 25, 2012 11:32 AM<br>
<b>To:</b> users@shibboleth.net<br>
<b>Subject:</b> edupersonAffiliation attribute fields<o:p></o:p></span></p>
</div>
</div>
<p class="MsoNormal"><o:p> </o:p></p>
<div>
<p class="MsoNormal"><span lang="EN-GB">Hi all,<o:p></o:p></span></p>
<p class="MsoNormal"><span lang="EN-GB">Just a quick one and hopefully an easy one \
for the more experienced Shibboleth admins than myself. Currently we assign \
edupersonaffiliation attributes dependent on AD Organisational Unit name, but \
I’ve been requested to split these users up further to separate affiliate \
members, and UK Affiliate members to allow differing access to \
resources.<o:p></o:p></span></p> <p class="MsoNormal"><span \
lang="EN-GB"> <o:p></o:p></span></p> <p class="MsoNormal"><span lang="EN-GB">I \
could just tag one of them ‘employee’ or similar, but I don’t want \
to start assigning these fields to arbitrarily in case we start using Shibboleth more \
extensively in the future and require these attributes to be used \
elsewhere.<o:p></o:p></span></p> <p class="MsoNormal"><span \
lang="EN-GB"> <o:p></o:p></span></p> <p class="MsoNormal"><span lang="EN-GB">Is \
there scope for adding more edupersonaffiliation attributes than the \
standard?<o:p></o:p></span></p> <ul style="margin-top:0in" type="disc">
<li class="MsoNormal" style="color:black;line-height:13.5pt;mso-list:l0 level1 \
lfo1;background:white"> <span lang="EN-GB" \
style="font-size:9.0pt;font-family:"Verdana","sans-serif"">member</span><span \
lang="EN-GB"><o:p></o:p></span></li><li class="MsoNormal" \
style="color:black;line-height:13.5pt;mso-list:l0 level1 lfo1;background:white"> \
<span lang="EN-GB" style="font-size:9.0pt;font-family:"Verdana","sans-serif"">student</span><span \
lang="EN-GB"><o:p></o:p></span></li><li class="MsoNormal" \
style="color:black;line-height:13.5pt;mso-list:l0 level1 lfo1;background:white"> \
<span lang="EN-GB" style="font-size:9.0pt;font-family:"Verdana","sans-serif"">employee</span><span \
lang="EN-GB"><o:p></o:p></span></li><li class="MsoNormal" \
style="color:black;line-height:13.5pt;mso-list:l0 level1 lfo1;background:white"> \
<span lang="EN-GB" style="font-size:9.0pt;font-family:"Verdana","sans-serif"">faculty</span><span \
lang="EN-GB"><o:p></o:p></span></li><li class="MsoNormal" \
style="color:black;line-height:13.5pt;mso-list:l0 level1 lfo1;background:white"> \
<span lang="EN-GB" style="font-size:9.0pt;font-family:"Verdana","sans-serif"">staff</span><span \
lang="EN-GB"><o:p></o:p></span></li><li class="MsoNormal" \
style="color:black;line-height:13.5pt;mso-list:l0 level1 lfo1;background:white"> \
<span lang="EN-GB" style="font-size:9.0pt;font-family:"Verdana","sans-serif"">alum</span><span \
lang="EN-GB"><o:p></o:p></span></li><li class="MsoNormal" \
style="color:black;line-height:13.5pt;mso-list:l0 level1 lfo1;background:white"> \
<span lang="EN-GB" style="font-size:9.0pt;font-family:"Verdana","sans-serif"">affiliate</span><span \
lang="EN-GB"><o:p></o:p></span></li></ul> <p class="MsoNormal"><span \
lang="EN-GB">Cheers,<o:p></o:p></span></p> <p class="MsoNormal"><span \
lang="EN-GB">Andi<o:p></o:p></span></p> <p class="MsoNormal"><span \
lang="EN-GB"> <o:p></o:p></span></p> <p class="MsoNormal"><span \
lang="EN-GB"> <o:p></o:p></span></p> <p class="MsoNormal"><span \
style="font-size:10.0pt;font-family:"Arial","sans-serif"">---------------------------------------------------------------<br>
Andi Morris<br>
Technical Security Analyst</span><span lang="EN-GB"><o:p></o:p></span></p>
<p class="MsoNormal"><span \
style="font-size:10.0pt;font-family:"Arial","sans-serif"">Systems \
and Communications Services<br> Information Services Division<br>
Cardiff Metropolitan University<br>
Cardiff<br>
Wales<br>
CF5 2YB</span><span lang="EN-GB"><o:p></o:p></span></p>
<p class="MsoNormal"><span \
style="font-size:10.0pt;font-family:"Arial","sans-serif""> </span><span \
lang="EN-GB"><o:p></o:p></span></p> <p class="MsoNormal"><span \
style="font-size:10.0pt;font-family:"Arial","sans-serif"">02920 \
205720</span><span lang="EN-GB"><o:p></o:p></span></p> <p class="MsoNormal"><span \
style="font-size:10.0pt;font-family:"Arial","sans-serif"">--------------------------------------------------------------</span><span \
lang="EN-GB"><o:p></o:p></span></p> <p class="MsoNormal"><span \
lang="EN-GB"> <o:p></o:p></span></p> </div>
<div class="MsoNormal" align="center" style="text-align:center"><span lang="EN-GB" \
style="font-size:12.0pt;font-family:"Times New Roman","serif""> \
<hr size="2" width="100%" align="center"> </span></div>
<p class="MsoNormal" style="margin-bottom:12.0pt"><span lang="EN-GB" \
style="font-size:12.0pt;font-family:"Times New \
Roman","serif""><br> >From 1st November 2011 UWIC changed its title \
to Cardiff Metropolitan University. From the 6th December 2011, as part of this \
change, all email addresses which included @uwic.ac.uk have changed to \
@cardiffmet.ac.uk. All emails sent from Cardiff Metropolitan University will now be \
sent from the new @cardiffmet.ac.uk address. <b>Please could you ensure that all of \
your contact records and databases are updated to reflect this change.</b> Further \
information can be found on the website <a \
href="http://www3.uwic.ac.uk/English/News/Pages/UWIC-Name-Change.aspx">here.</a> <br>
<br>
Ar Dachwedd y 1af 2011 newidiodd UWIC ei henw i Brifysgol Fetropolitan Caerdydd. O \
Ragfyr 6ed, fel rhan o'r newid yma, bydd pob cyfeiriad e-bost sy'n cynnwys \
@uwic.ac.uk yn newid i @cardiffmet.ac.uk. Bydd yr holl ebyst a ddanfonir o Brifysgol \
Fetropolitan Caerdydd yn cael eu danfon o‘r cyfeiriad @cardiffmet.ac.uk \
newydd. <b>Gwnewch yn siwr eich bod yn diweddaru eich cofnodion cyswllt a'ch \
cronfeydd data i adlewyrchu hyn.</b> Gellir cael rhagor o wybodaeth ar y wefan <a \
href="http://www3.uwic.ac.uk/English/News/Pages/UWIC-Name-Change.aspx">yma.</a> \
<o:p></o:p></span></p> </div>
</body>
</html>
--
To unsubscribe from this list send an email to users-unsubscribe@shibboleth.net
--===============7146994040601354891==--
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic