Commit fa6788e0 authored by haemmer's avatar haemmer

Renamed Location property to Keywords property

parent 9527f9f4
......@@ -38,8 +38,8 @@ SWITCHwayf Changes and Version History:
Code contributed by Takeshi Nishimura from NII (Japan)
- If the Discovery Feed feature is activated only those IdPs are shown
that are contained in the feed. Others will be hidden automatically.
- Added Location property to format of IDP entries to allow users to
search Identity Providers using a geographical hint.
- Added Keywords property to format of IDP entries to allow users to
search Identity Providers using a keyword.
1.15 Release date: 21. October 2011
- A default and custom CSS file can now be used
......
......@@ -261,15 +261,17 @@ the entry stands for an Identity Provider. For entries of Type category, the
words that are not allowed to be assigned to
entries for Identity Providers.
['Name']: Mandatory Default name to display in drop-down list
['en'|'it'|'fr'|'de'|'pt']['Name']:
Optional Display name in other languages
['en'|'it'|'fr'|'de'|...] Language dependent:
['Name']: Optional Display name
['Keywords']: Optional Keywords associated with the Identity Provider.
Used for search-as-you-type feature of improved
drop-down list. Space delimited.
['SSO']: Mandatory Should be the SAML1 SSO endpoint of the IdP
['Realm']: Optional Kerberos Realm
['IP'][]: Optional IP ranges of that organizations that can be used to
guess a user's Identity Provider
['Location'][]: Optional Geographical places associated with the
Identity Provider. Used for search-as-you-type
feature of improved drop-down list.
['Index']: Optional An alphanumerical value that is used for sorting
categories and Identity Provider in ascending order
if the Identity Providers are parsed from metadata.
......
......@@ -25,7 +25,7 @@ $IDProviders['bristol.ac.uk'] = array (
'Name' => 'University of Bristol',
'SSO' => 'https://sso.bris.ac.uk/sso/index.jsp',
'Realm' => 'ADS.BRIS.AC.UK',
'Location' => array ('Bristol','South West England','England'),
'en' => array ('Keywords' => 'Bristol South+West+England'),
);
// Example with optional network blocks that can be used as an
......@@ -48,11 +48,17 @@ $IDProviders['vho'] = array (
$IDProviders['urn:mace:switch.ch:SWITCHaai:vho-switchaai.ch'] = array (
'Type' => 'vho',
'Name' => 'Virtual Home Organisation',
'de' => array ('Name' => 'Virtuelle Home Organisation'),
'en' => array (
'Name' => 'Virtual Home Organisation',
'Keywords','Zurich Switzerland',
),
'de' => array (
'Name' => 'Virtuelle Home Organisation',
'Keywords','Zrich Schweiz',
),
'fr' => array ('Name' => 'Home Organisation Virtuelle'),
'it' => array ('Name' => 'Virtuale Home Organisation'),
'IP' => array ('130.59.6.0/16','127.0.0.0/24'),
'Location' => array ('Zurich','Switzerland'),
'SSO' => 'https://aai.vho-switchaai.ch/shibboleth-idp/SSO',
);
......
......@@ -57,37 +57,36 @@ $userImprovedDropDownList = true;
// metadata file defined below in $metadataFile
$useSAML2Metadata = true;
// If ture parsed metadata shall have precedence if there are entries defined
// in metadata as well as the local IDProviders configuration file.
// Only relevant if $useSAML2Metadata is true
$SAML2MetaOverLocalConf = false;
// If includeLocalConfEntries parameter is set to true, Identity Providers
// not listed in metadata but defined in the local IDProviders file will also
// be displayed in the drop down list. This is required if you need to add
// local exceptions over the federation metadata
// Only relevant if $useSAML2Metadata is true
$includeLocalConfEntries = true;
// Whether the return parameter is checked against SAML2 metadata or not
// The Discovery Service specification says the DS SHOULD check this in order
// to mitigate phising problems.
// You must have $useSAML2Metadata = true in order to activate this check.
// The return parameter will only be checked if the Service Provider's metadata
// contains an <idpdisc:DiscoveryResponse> or if the assertion consumer url
// check below is enabled
$enableDSReturnParamCheck = true;
// If true, the return parameter is checked for Service Providers that
// don't have and <idpdisc:DiscoveryResponse> extension set. Instead of this
// extension, the hostnames of the assertion consumer URLs are used to check
// the return parameter against.
// This feature is useful in case the Service Provider's metadata doesn't contain
// a <idpdisc:DiscoveryResponse> extension. It increases security for Service
// Provider's that don't have an <idpdisc:DiscoveryResponse> extensions.
// This feature only is active if $enableDSReturnParamCheck = true
// and if $useSAML2Metadata = true
$useACURLsForReturnParamCheck = false;
// If true parsed metadata shall have precedence if there are entries defined
// in metadata as well as the local IDProviders configuration file.
// Requires $useSAML2Metadata to be true
$SAML2MetaOverLocalConf = false;
// If includeLocalConfEntries parameter is set to true, Identity Providers
// not listed in metadata but defined in the local IDProviders file will also
// be displayed in the drop down list. This is required if you need to add
// local exceptions over the federation metadata
// Requires $useSAML2Metadata to be true
$includeLocalConfEntries = true;
// Whether the return parameter is checked against SAML2 metadata or not
// The Discovery Service specification says the DS SHOULD check this in order
// to mitigate phising problems.
// The return parameter will only be checked if the Service Provider's metadata
// contains an <idpdisc:DiscoveryResponse> or if the assertion consumer url
// check below is enabled
// Requires $useSAML2Metadata to be true
$enableDSReturnParamCheck = true;
// If true, the return parameter is checked for Service Providers that
// don't have and <idpdisc:DiscoveryResponse> extension set. Instead of this
// extension, the hostnames of the assertion consumer URLs are used to check
// the return parameter against.
// This feature is useful in case the Service Provider's metadata doesn't contain
// a <idpdisc:DiscoveryResponse> extension. It increases security for Service
// Provider's that don't have an <idpdisc:DiscoveryResponse> extensions.
// Requires $useSAML2Metadata and $enableDSReturnParamCheck to be true
$useACURLsForReturnParamCheck = false;
// Whether to turn on Kerberos support for Identity Provider preselection
$useKerberos = false;
......@@ -105,21 +104,22 @@ $useReverseDNSLookup = false;
// Therefore, only enable this feature if you know what you are doing!
$useEmbeddedWAYF = false;
// If enabled the Embedded WAYF will prevent releasing information
// about the user's preselected Identity Provider
// While this is benefical to the data protection of the user, it will also
// prevent preselecting the user's Identity Provider. Thus, users will have
// to preselect their IdP each and every time
$useEmbeddedWAYFPrivacyProtection = false;
// If enabled, the referer hostname of the request must match tan assertion
// consumer URL or a discovery URL of a Service Provider in $metadataSPFile
// in order to let the Embedded WAYF preselect an Identity Provider.
// Therefore, this option is a good compromise between data protection and
// userfriendlyness.
// This option can only be used if $useEmbeddedWAYFPrivacyProtection is false
// and $useSAML2Metadata is true
$useEmbeddedWAYFRefererForPrivacyProtection = false;
// If enabled the Embedded WAYF will prevent releasing information
// about the user's preselected Identity Provider
// While this is benefical to the data protection of the user, it will also
// prevent preselecting the user's Identity Provider. Thus, users will have
// to preselect their IdP each and every time
// Requires $useEmbeddedWAYF to be true
$useEmbeddedWAYFPrivacyProtection = false;
// If enabled, the referer hostname of the request must match tan assertion
// consumer URL or a discovery URL of a Service Provider in $metadataSPFile
// in order to let the Embedded WAYF preselect an Identity Provider.
// Therefore, this option is a good compromise between data protection and
// userfriendlyness.
// Requires $useSAML2Metadata to be true and $useEmbeddedWAYFPrivacyProtection
// to be false
$useEmbeddedWAYFRefererForPrivacyProtection = false;
// Whether or not to add the entityID of the preselected IdP to the
// exported JSON/Text/PHP Code
......
......@@ -472,8 +472,8 @@ function composeOptionTitle($IdPValues){
foreach($IdPValues as $key => $value){
if (is_array($value) && isset($value['Name'])){
$title .= ' '.$value['Name'];
} elseif ($key == 'Location' && is_array($value)) {
$title .= ' '.implode(' ', $value);
} elseif (is_array($value) && isset($value['Keywords'])) {
$title .= ' '.$value['Keywords'];
}
}
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment