fix(schema): update attribute filter config

Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
nextcloud · Sep 27, 2023 · 46aa9b2 · 46aa9b2
1 parent d414d20
commit 46aa9b2
Showing 1 changed file with 34 additions and 41 deletions.
diff --git a/user_saml_shibboleth-idp/shibboleth-idp/conf/attribute-filter.xml b/user_saml_shibboleth-idp/shibboleth-idp/conf/attribute-filter.xml
@@ -1,51 +1,44 @@
 <?xml version="1.0" encoding="UTF-8"?>
-<!-- 
- This file is an EXAMPLE policy file. While the policy presented in this 
+<!--
+ This file is an EXAMPLE policy file. While the policy presented in this
  example file is illustrative of some simple cases, it relies on the names of
  non-existent example services and the example attributes demonstrated in the
  default attribute-resolver.xml file.
- 
+
  Deployers should refer to the documentation for a complete list of components
  and their options.
 -->
-<afp:AttributeFilterPolicyGroup id="ShibbolethFilterPolicy"
- xmlns:afp="urn:mace:shibboleth:2.0:afp"
- xmlns:basic="urn:mace:shibboleth:2.0:afp:mf:basic"
- xmlns:saml="urn:mace:shibboleth:2.0:afp:mf:saml"
+<AttributeFilterPolicyGroup id="ShibbolethFilterPolicy"
+ xmlns="urn:mace:shibboleth:2.0:afp"
  xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
- xsi:schemaLocation="urn:mace:shibboleth:2.0:afp http://shibboleth.net/schema/idp/shibboleth-afp.xsd
- urn:mace:shibboleth:2.0:afp:mf:basic http://shibboleth.net/schema/idp/shibboleth-afp-mf-basic.xsd
- urn:mace:shibboleth:2.0:afp:mf:saml http://shibboleth.net/schema/idp/shibboleth-afp-mf-saml.xsd">
+ xsi:schemaLocation="urn:mace:shibboleth:2.0:afp http://shibboleth.net/schema/idp/shibboleth-afp.xsd">
 
  <!-- Release some attributes to an SP. -->
- <afp:AttributeFilterPolicy id="example1">
- <afp:PolicyRequirementRule xsi:type="basic:AttributeRequesterString" value="http://localhost/index.php/apps/user_saml/saml/metadata" />
-
- <afp:AttributeRule attributeID="eduPersonPrincipalName">
- <afp:PermitValueRule xsi:type="basic:ANY" />
- </afp:AttributeRule>
-
- <afp:AttributeRule attributeID="uid">
- <afp:PermitValueRule xsi:type="basic:ANY" />
- </afp:AttributeRule>
-
- <afp:AttributeRule attributeID="mail">
- <afp:PermitValueRule xsi:type="basic:ANY" />
- </afp:AttributeRule>
-
- <afp:AttributeRule attributeID="surname">
- <afp:PermitValueRule xsi:type="basic:ANY" />
- </afp:AttributeRule>
-
- <afp:AttributeRule attributeID="givenName">
- <afp:PermitValueRule xsi:type="basic:ANY" />
- </afp:AttributeRule>
-
- <afp:AttributeRule attributeID="eduPersonPrincipalName">
- <afp:PermitValueRule xsi:type="basic:ANY" />
- </afp:AttributeRule>
-
-
- </afp:AttributeFilterPolicy>
-
-</afp:AttributeFilterPolicyGroup>
+ <AttributeFilterPolicy id="example1">
+ <PolicyRequirementRule xsi:type="Requester" value="http://localhost/index.php/apps/user_saml/saml/metadata" />
+
+ <AttributeRule attributeID="eduPersonPrincipalName">
+ <PermitValueRule xsi:type="ANY" />
+ </AttributeRule>
+
+ <AttributeRule attributeID="uid">
+ <PermitValueRule xsi:type="ANY" />
+ </AttributeRule>
+
+ <AttributeRule attributeID="mail">
+ <PermitValueRule xsi:type="ANY" />
+ </AttributeRule>
+
+ <AttributeRule attributeID="surname">
+ <PermitValueRule xsi:type="ANY" />
+ </AttributeRule>
+
+ <AttributeRule attributeID="givenName">
+ <PermitValueRule xsi:type="ANY" />
+ </AttributeRule>
+
+ <AttributeRule attributeID="eduPersonPrincipalName">
+ <PermitValueRule xsi:type="ANY" />
+ </AttributeRule>
+ </AttributeFilterPolicy>
+</AttributeFilterPolicyGroup>