Commit fa6788e0 authored by haemmer's avatar haemmer

Renamed Location property to Keywords property

parent 9527f9f4
...@@ -38,8 +38,8 @@ SWITCHwayf Changes and Version History: ...@@ -38,8 +38,8 @@ SWITCHwayf Changes and Version History:
Code contributed by Takeshi Nishimura from NII (Japan) Code contributed by Takeshi Nishimura from NII (Japan)
- If the Discovery Feed feature is activated only those IdPs are shown - If the Discovery Feed feature is activated only those IdPs are shown
that are contained in the feed. Others will be hidden automatically. that are contained in the feed. Others will be hidden automatically.
- Added Location property to format of IDP entries to allow users to - Added Keywords property to format of IDP entries to allow users to
search Identity Providers using a geographical hint. search Identity Providers using a keyword.
1.15 Release date: 21. October 2011 1.15 Release date: 21. October 2011
- A default and custom CSS file can now be used - A default and custom CSS file can now be used
......
...@@ -261,15 +261,17 @@ the entry stands for an Identity Provider. For entries of Type category, the ...@@ -261,15 +261,17 @@ the entry stands for an Identity Provider. For entries of Type category, the
words that are not allowed to be assigned to words that are not allowed to be assigned to
entries for Identity Providers. entries for Identity Providers.
['Name']: Mandatory Default name to display in drop-down list ['Name']: Mandatory Default name to display in drop-down list
['en'|'it'|'fr'|'de'|'pt']['Name']:
Optional Display name in other languages ['en'|'it'|'fr'|'de'|...] Language dependent:
['Name']: Optional Display name
['Keywords']: Optional Keywords associated with the Identity Provider.
Used for search-as-you-type feature of improved
drop-down list. Space delimited.
['SSO']: Mandatory Should be the SAML1 SSO endpoint of the IdP ['SSO']: Mandatory Should be the SAML1 SSO endpoint of the IdP
['Realm']: Optional Kerberos Realm ['Realm']: Optional Kerberos Realm
['IP'][]: Optional IP ranges of that organizations that can be used to ['IP'][]: Optional IP ranges of that organizations that can be used to
guess a user's Identity Provider guess a user's Identity Provider
['Location'][]: Optional Geographical places associated with the
Identity Provider. Used for search-as-you-type
feature of improved drop-down list.
['Index']: Optional An alphanumerical value that is used for sorting ['Index']: Optional An alphanumerical value that is used for sorting
categories and Identity Provider in ascending order categories and Identity Provider in ascending order
if the Identity Providers are parsed from metadata. if the Identity Providers are parsed from metadata.
......
...@@ -25,7 +25,7 @@ $IDProviders['bristol.ac.uk'] = array ( ...@@ -25,7 +25,7 @@ $IDProviders['bristol.ac.uk'] = array (
'Name' => 'University of Bristol', 'Name' => 'University of Bristol',
'SSO' => 'https://sso.bris.ac.uk/sso/index.jsp', 'SSO' => 'https://sso.bris.ac.uk/sso/index.jsp',
'Realm' => 'ADS.BRIS.AC.UK', 'Realm' => 'ADS.BRIS.AC.UK',
'Location' => array ('Bristol','South West England','England'), 'en' => array ('Keywords' => 'Bristol South+West+England'),
); );
// Example with optional network blocks that can be used as an // Example with optional network blocks that can be used as an
...@@ -48,11 +48,17 @@ $IDProviders['vho'] = array ( ...@@ -48,11 +48,17 @@ $IDProviders['vho'] = array (
$IDProviders['urn:mace:switch.ch:SWITCHaai:vho-switchaai.ch'] = array ( $IDProviders['urn:mace:switch.ch:SWITCHaai:vho-switchaai.ch'] = array (
'Type' => 'vho', 'Type' => 'vho',
'Name' => 'Virtual Home Organisation', 'Name' => 'Virtual Home Organisation',
'de' => array ('Name' => 'Virtuelle Home Organisation'), 'en' => array (
'Name' => 'Virtual Home Organisation',
'Keywords','Zurich Switzerland',
),
'de' => array (
'Name' => 'Virtuelle Home Organisation',
'Keywords','Zrich Schweiz',
),
'fr' => array ('Name' => 'Home Organisation Virtuelle'), 'fr' => array ('Name' => 'Home Organisation Virtuelle'),
'it' => array ('Name' => 'Virtuale Home Organisation'), 'it' => array ('Name' => 'Virtuale Home Organisation'),
'IP' => array ('130.59.6.0/16','127.0.0.0/24'), 'IP' => array ('130.59.6.0/16','127.0.0.0/24'),
'Location' => array ('Zurich','Switzerland'),
'SSO' => 'https://aai.vho-switchaai.ch/shibboleth-idp/SSO', 'SSO' => 'https://aai.vho-switchaai.ch/shibboleth-idp/SSO',
); );
......
...@@ -57,37 +57,36 @@ $userImprovedDropDownList = true; ...@@ -57,37 +57,36 @@ $userImprovedDropDownList = true;
// metadata file defined below in $metadataFile // metadata file defined below in $metadataFile
$useSAML2Metadata = true; $useSAML2Metadata = true;
// If ture parsed metadata shall have precedence if there are entries defined // If true parsed metadata shall have precedence if there are entries defined
// in metadata as well as the local IDProviders configuration file. // in metadata as well as the local IDProviders configuration file.
// Only relevant if $useSAML2Metadata is true // Requires $useSAML2Metadata to be true
$SAML2MetaOverLocalConf = false; $SAML2MetaOverLocalConf = false;
// If includeLocalConfEntries parameter is set to true, Identity Providers // If includeLocalConfEntries parameter is set to true, Identity Providers
// not listed in metadata but defined in the local IDProviders file will also // not listed in metadata but defined in the local IDProviders file will also
// be displayed in the drop down list. This is required if you need to add // be displayed in the drop down list. This is required if you need to add
// local exceptions over the federation metadata // local exceptions over the federation metadata
// Only relevant if $useSAML2Metadata is true // Requires $useSAML2Metadata to be true
$includeLocalConfEntries = true; $includeLocalConfEntries = true;
// Whether the return parameter is checked against SAML2 metadata or not // Whether the return parameter is checked against SAML2 metadata or not
// The Discovery Service specification says the DS SHOULD check this in order // The Discovery Service specification says the DS SHOULD check this in order
// to mitigate phising problems. // to mitigate phising problems.
// You must have $useSAML2Metadata = true in order to activate this check. // The return parameter will only be checked if the Service Provider's metadata
// The return parameter will only be checked if the Service Provider's metadata // contains an <idpdisc:DiscoveryResponse> or if the assertion consumer url
// contains an <idpdisc:DiscoveryResponse> or if the assertion consumer url // check below is enabled
// check below is enabled // Requires $useSAML2Metadata to be true
$enableDSReturnParamCheck = true; $enableDSReturnParamCheck = true;
// If true, the return parameter is checked for Service Providers that // If true, the return parameter is checked for Service Providers that
// don't have and <idpdisc:DiscoveryResponse> extension set. Instead of this // don't have and <idpdisc:DiscoveryResponse> extension set. Instead of this
// extension, the hostnames of the assertion consumer URLs are used to check // extension, the hostnames of the assertion consumer URLs are used to check
// the return parameter against. // the return parameter against.
// This feature is useful in case the Service Provider's metadata doesn't contain // This feature is useful in case the Service Provider's metadata doesn't contain
// a <idpdisc:DiscoveryResponse> extension. It increases security for Service // a <idpdisc:DiscoveryResponse> extension. It increases security for Service
// Provider's that don't have an <idpdisc:DiscoveryResponse> extensions. // Provider's that don't have an <idpdisc:DiscoveryResponse> extensions.
// This feature only is active if $enableDSReturnParamCheck = true // Requires $useSAML2Metadata and $enableDSReturnParamCheck to be true
// and if $useSAML2Metadata = true $useACURLsForReturnParamCheck = false;
$useACURLsForReturnParamCheck = false;
// Whether to turn on Kerberos support for Identity Provider preselection // Whether to turn on Kerberos support for Identity Provider preselection
$useKerberos = false; $useKerberos = false;
...@@ -105,21 +104,22 @@ $useReverseDNSLookup = false; ...@@ -105,21 +104,22 @@ $useReverseDNSLookup = false;
// Therefore, only enable this feature if you know what you are doing! // Therefore, only enable this feature if you know what you are doing!
$useEmbeddedWAYF = false; $useEmbeddedWAYF = false;
// If enabled the Embedded WAYF will prevent releasing information // If enabled the Embedded WAYF will prevent releasing information
// about the user's preselected Identity Provider // about the user's preselected Identity Provider
// While this is benefical to the data protection of the user, it will also // While this is benefical to the data protection of the user, it will also
// prevent preselecting the user's Identity Provider. Thus, users will have // prevent preselecting the user's Identity Provider. Thus, users will have
// to preselect their IdP each and every time // to preselect their IdP each and every time
$useEmbeddedWAYFPrivacyProtection = false; // Requires $useEmbeddedWAYF to be true
$useEmbeddedWAYFPrivacyProtection = false;
// If enabled, the referer hostname of the request must match tan assertion
// consumer URL or a discovery URL of a Service Provider in $metadataSPFile // If enabled, the referer hostname of the request must match tan assertion
// in order to let the Embedded WAYF preselect an Identity Provider. // consumer URL or a discovery URL of a Service Provider in $metadataSPFile
// Therefore, this option is a good compromise between data protection and // in order to let the Embedded WAYF preselect an Identity Provider.
// userfriendlyness. // Therefore, this option is a good compromise between data protection and
// This option can only be used if $useEmbeddedWAYFPrivacyProtection is false // userfriendlyness.
// and $useSAML2Metadata is true // Requires $useSAML2Metadata to be true and $useEmbeddedWAYFPrivacyProtection
$useEmbeddedWAYFRefererForPrivacyProtection = false; // to be false
$useEmbeddedWAYFRefererForPrivacyProtection = false;
// Whether or not to add the entityID of the preselected IdP to the // Whether or not to add the entityID of the preselected IdP to the
// exported JSON/Text/PHP Code // exported JSON/Text/PHP Code
......
...@@ -472,8 +472,8 @@ function composeOptionTitle($IdPValues){ ...@@ -472,8 +472,8 @@ function composeOptionTitle($IdPValues){
foreach($IdPValues as $key => $value){ foreach($IdPValues as $key => $value){
if (is_array($value) && isset($value['Name'])){ if (is_array($value) && isset($value['Name'])){
$title .= ' '.$value['Name']; $title .= ' '.$value['Name'];
} elseif ($key == 'Location' && is_array($value)) { } elseif (is_array($value) && isset($value['Keywords'])) {
$title .= ' '.implode(' ', $value); $title .= ' '.$value['Keywords'];
} }
} }
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment