Shibboleth Identity Provider Configuration

The Digital Archives Shibboleth SP is already registered with InCommon.

Here’s the configuration information campuses can add to their Shibboleth IdP:

<AttributeFilterPolicy id="DigitalArchives">
  <PolicyRequirementRule xsi:type="Requester" value="https://archives.calstate.edu/shibboleth" />
  <AttributeRule permitAny="true" attributeID="calstateEduPersonOrg" />
  <AttributeRule permitAny="true" attributeID="eduPersonPrincipalName" />
  <AttributeRule permitAny="true" attributeID="eduPersonAffiliation" />
  <AttributeRule permitAny="true" attributeID="email" />
  <AttributeRule permitAny="true" attributeID="givenName" />
  <AttributeRule permitAny="true" attributeID="surname" />
</AttributeFilterPolicy>

If the campus is using the published common release policy in Bitbucket, a policy has already been created and can be downloaded.

Once configured, you can test the login here: Digital Archives

See also CSUConnect Service Provider Registration Document.