Introduction
The purpose of the demonstrator is to show with a practical implementation how the group membership attributes or other attributes from multiple sources can be used in a federated environment to regulate access to services.
Detailed description
A detailed description can be find in this wiki page.
The setup consist of:
- a Shibbolet IdP
- a COmanage server as attribute authorities service
- an IdP proxy on SimpleSAMLphp instance as attribute aggregation service
- a cloud framework (OpenStack) as service provider.
Schema
TBA