Hi Paul,
On 19 Jul 2012, at 15:31, Paul Campbell wrote:
> Hi,
>
> I'm looking at using Shibboleth as the auth provider for Moodle. Unfortunately the documentation is rather sparse. Has anyone else done this?
>
> * Do I need to register my Moodle site with the federation if I'm only allowing our own staff/students to login?
>
You can put the metadata for your Moodle's SP in a file and load it into your IdP manually via a MetadataProvider stanza in your relying-party.xml. We tend to do this with test SPs where we want to ensure they are working correctly before submitting them to the UK Federation.
> * What change would attribute-filter.xml need to release the username (ladp:cn) to just moodle?
You would probably want to release either the eduPersonPrincipalName (i.e. [log in to unmask]) or uid field to Moodle- here's one I did earlier (sort of)
<AttributeFilterPolicy id="Moodle-SP">
<PolicyRequirementRule xsi:type="basic:AttributeRequesterString" value="https://i.am.a.moodle.sp/shibboleth" />
<AttributeRule attributeID="eduPersonPrincipalName">
<PermitValueRule xsi:type="basic:ANY" />
</AttributeRule>
<AttributeRule attributeID="uid">
<PermitValueRule xsi:type="basic:ANY" />
</AttributeRule>
</AttributeFilterPolicy>
>
> Thanks in advance for any advice.
>
> --
> Paul Campbell <[log in to unmask]>
> Carnegie College
>
> This email and any attachments may contain private and confidential information and is solely intended for the recipient(s) only. If you have received this email and any attachments in error and you are not the intended recipient be aware that any disclosure, copying, distribution or use of the contents of this information is strictly prohibited. If you have received this message in error, please notify the sender immediately by reply email and delete the message and any attachments without retaining any copies. Any views or other information in this message which do not relate to our business are not authorised by us, nor does this message form part of any contract unless so stated.
>
> We offer no guarantees that this email or any attachment will be received error or virus free and accept no responsibility whatsoever in this regard.
> Our e-mail system is subject to random monitoring and recording by us.
>
> Carnegie College is a body incorporated under the Further and Higher Education (Scotland) Act 1992. Check out what is new at Carnegie @ www.carnegiecollege.ac.uk
>
/****************************
Mark R Cairney
ITI UNIX Section
Information Services
Tel: 0131 650 6565
Email: [log in to unmask]
****************************/
--
The University of Edinburgh is a charitable body, registered in
Scotland, with registration number SC005336.
|