diff options
Diffstat (limited to 'conf-from-container/conf/intercept/consent-intercept-config.xml')
| -rw-r--r-- | conf-from-container/conf/intercept/consent-intercept-config.xml | 136 |
1 files changed, 136 insertions, 0 deletions
diff --git a/conf-from-container/conf/intercept/consent-intercept-config.xml b/conf-from-container/conf/intercept/consent-intercept-config.xml new file mode 100644 index 0000000..ca183a7 --- /dev/null +++ b/conf-from-container/conf/intercept/consent-intercept-config.xml @@ -0,0 +1,136 @@ +<?xml version="1.0" encoding="UTF-8"?> +<beans xmlns="http://www.springframework.org/schema/beans" + xmlns:context="http://www.springframework.org/schema/context" + xmlns:util="http://www.springframework.org/schema/util" + xmlns:p="http://www.springframework.org/schema/p" + xmlns:c="http://www.springframework.org/schema/c" + xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" + xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans.xsd + http://www.springframework.org/schema/context http://www.springframework.org/schema/context/spring-context.xsd + http://www.springframework.org/schema/util http://www.springframework.org/schema/util/spring-util.xsd" + + default-init-method="initialize" + default-destroy-method="destroy"> + + <!-- Terms of Use configuration --> + + <!-- + Terms of use is driven by a lookup function returning a key into messages/consent-messages.properties + + The default mapping returns the relying party / SP name as the key. The second example below + demonstrates use of a custom mapping table from the relying party name to the key to use. + --> + + <alias alias="shibboleth.consent.terms-of-use.Key" name="shibboleth.RelyingPartyIdLookup.Simple" /> + + <!-- + <bean id="shibboleth.consent.terms-of-use.Key" + class="com.google.common.base.Functions" factory-method="compose"> + <constructor-arg name="g"> + <bean class="com.google.common.base.Functions" factory-method="forMap" c:defaultValue="terms-of-use"> + <constructor-arg name="map"> + <map> + <entry key="https://sp.example.org/shibboleth" value="example-terms" /> + </map> + </constructor-arg> + </bean> + </constructor-arg> + <constructor-arg name="f"> + <ref bean="shibboleth.RelyingPartyIdLookup.Simple" /> + </constructor-arg> + </bean> + --> + + <!-- Attribute Release configuration --> + + <!-- + Attribute release whitelist, blacklist, and match expressions to determine + whether consent should be obtained for an attribute based on the attribute ID. + --> + + <util:list id="shibboleth.consent.attribute-release.WhitelistedAttributeIDs"> + <!-- + <value>mail</value> + --> + </util:list> + + <util:list id="shibboleth.consent.attribute-release.BlacklistedAttributeIDs"> + <value>transientId</value> + <value>persistentId</value> + <value>eduPersonTargetedID</value> + </util:list> + + <!-- + <bean id="shibboleth.consent.attribute-release.MatchExpression" class="java.util.regex.Pattern" factory-method="compile" + c:_0="^exampleAttribute.*$" /> + --> + + <!-- + Customize the order in which attributes are displayed. + Attribute IDs not present in this list will be sorted according to their + natural order and displayed subsequent to any attribute IDs specified here. + --> + <!-- + <util:list id="shibboleth.consent.attribute-release.AttributeDisplayOrder"> + <value>mail</value> + </util:list> + --> + + <!-- + These beans define mappings between audit log categories and formatting strings. + --> + + <!-- + For terms-of-use acceptance, the default entry is : + 'YYYYMMDDTHHMMSSZ|TermsAccepted|jdoe|example-tou-1|rHo...rrw=|true' + + For terms-of-use refusal, the default entry is : + 'YYYYMMDDTHHMMSSZ|TermsRejected|jdoe|example-tou-1|rHo...rrw=|false' + --> + <util:map id="shibboleth.consent.terms-of-use.AuditFormattingMap"> + <entry key="Shibboleth-Consent-Audit" value="%T|%SP|%e|%u|%CCI|%CCV|%CCA" /> + </util:map> + + <!-- + For attribute-release consent, the default entry is : + 'YYYYMMDDTHHMMSSZ|https://sp.example.org|AttributeReleaseConsent|jdoe|email,eduPersonAffiliation|rHo...rrw=,rHo...rrw=|false,false' + --> + <util:map id="shibboleth.consent.attribute-release.AuditFormattingMap"> + <entry key="Shibboleth-Consent-Audit" value="%T|%SP|%e|%u|%CCI|%CCV|%CCA" /> + </util:map> + + <!-- + The beans below need to be defined, even if left empty. They can be ignored in most cases. + + If you write your own function to extract a new piece of data for auditing, you can install it into one or more + of the maps below to add it to the auditing framework, keyed by an audit field label to be used in formatting. + --> + <bean id="shibboleth.consent.PreConsentAuditExtractors" parent="shibboleth.consent.DefaultPreConsentAuditExtractors" lazy-init="true"> + <property name="sourceMap"> + <map merge="true"> + </map> + </property> + </bean> + + <bean id="shibboleth.consent.ConsentAuditExtractors" parent="shibboleth.consent.DefaultConsentAuditExtractors" lazy-init="true"> + <property name="sourceMap"> + <map merge="true"> + </map> + </property> + </bean> + + <!-- + Specify custom symbolic replacements for attribute names to shrink the size of results saved to client-side storage + such as cookies. + --> + <bean id="shibboleth.consent.AttributeSymbolics" parent="shibboleth.consent.DefaultAttributeSymbolics" lazy-init="true"> + <property name="sourceMap"> + <map merge="true"> + <!-- + <entry key="myAttribute" value="900" /> + --> + </map> + </property> + </bean> + +</beans>
\ No newline at end of file |