Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

  • If allow list is defined, all IdPs not on it are filtered out.
  • If deny list is defined, all IdPs on it are filtered out.
Info
iconfalse
titleMerging two filter types

When both entity categories and idp list filters are used together, the list shown comprises of IdPs not filtered out by categories filter with possible additions of IdP allow list or possible deductions of IdP deny list.

The assumption is that SP creates the base of the rules using categories filtering and then possible exceptions to those rules by Allow/Deny lists of IdPs.


Expand
titleExample: Research and Scholarship, Allow list of entity categories

This example shows how to show only IdPs tagged with Research and Scholarship entity category.

Navigate to filter generator, https://discovery.eduteams.org/filter.php.

Click open the 'select entity categories' - accordion. You should now see all the possible entity categories to choose from in a grey box.

Move http://refeds.org/category/research-and-scholarship to green box. Move also http://id.incommon.org/category/research-and-scholarship.


At the bottom of the page you should see the resulting filter and it's plaintext version.


Info
iconfalse
titleOutcome

Show only IdPs having atleast one of the categories http://refeds.org/category/research-and-scholarship and http://id.incommon.org/category/research-and-scholarship.


...

Expand
titleExample: Allow list of IdPs

This example shows how to select a specific set of IdPs.

Navigate to filter generator, https://discovery.eduteams.org/filter.php.

Click open the 'select individual IdPs' - accordion. You should now see all the possible IdPs to select from.

Make sure that the radio - button 'Selected IdPs will be visible' is checked. Select the entities you want the user to pick the IdP from.



At the bottom of the page you should see the resulting filter and it's plaintext version. Note that by picking individual IdPs you will easily end up with a large filter and you need to set it by reference.


Info
iconfalse
titleOutcome

Show only IdPs https://idp.aalto.fi/idp/shibboleth, https://birk.wayf.dk/birk.php/wayf.au.dk and https://shibboleth.aber.ac.uk/shibboleth-TST.



Merging two filter types

When both entity categories and idp list filters are used together, the list shown comprises of IdPs not filtered out by categories filter with possible additions of IdP allow list or possible deductions of IdP deny list.

Expand
titleExample: Select entities by category and then some

This example shows how to show specific set of IdPs and all IdPs tagged with Research and Scholarship entity category.

Expand
titleExample: Select entities by category except one

This example shows how to show all IdPs tagged with Research and Scholarship entity category except one.


The assumption is that SP creates the base of the rules using categories filtering and then possible exceptions to those rules by Allow/Deny lists of IdPs.

Applying the filter in discovery request

...