An open discussion list for topics related to the eduGAIN interfederation service.

[Peter Schober <peter.schober AT univie.ac.at>]

* Alex Stuart <Alex.Stuart AT jisc.ac.uk> [2020-05-21 10:40]:
> In prinicple a SP owner could put the expected values into a
> RequestedAttribute element.

We're doing exactly that for all of the publishers we register where
we know that they (at least also) accept the "lib-common-terms"
eduPersonEntitlement attribute value for access control.
(I.e., even in those cases where the institution has the option to
configure the attribute/value used to signal "should be authorised",
though we do negotiate with the publishers to allow this
attribute/value by default.)

E.g. for IEEE Xplore, EBSCOhost, Thomson Reuters WoK/EndNote, Elsevier
ScienceDirect/Scopus/etc, Taylor & Francis Online, Springer Link/R&D,
Wolters Kluwer Ovid, ProQuest Ebooks Central, the Atypon SP used by
multiple publishers (such as the ACM Digital Library, Wiley,
AnnualReviews).

Find one such example here:
https://met.refeds.org/met/entity/https%3A//ieeexplore.ieee.org/shibboleth-sp/?viewxml=true&federation=aconet-identity-federation-eduidat

This nicely allows fully automating attribute release based soleley on
standard SAML 2.0 metadata with software that either supports this
out of the box, such as the Shibboleth IDP, or where tooling can be
added to drive local configuration.

> However, it doesn't look like there are any examples of this in
> eduGAIN metadata

In this case that's because you (the UK federation) are publishing all
of those SPs into eduGAIN already, but without that information
present.

Best regards,
-peter