X-Git-Url: http://www.project-moonshot.org/gitweb/?p=freeradius-pysaml2.git;a=blobdiff_plain;f=etc%2Faa_config.py;fp=etc%2Faa_config.py;h=d180bcedc77a614bf365b4a6b2d3b4831e72335c;hp=0000000000000000000000000000000000000000;hb=9419ac5045f6e069fe27e2fac834462e38c1e350;hpb=83af048d1542232e2914e73e159cc8e5e37fb2a9

diff --git a/etc/aa_config.py b/etc/aa_config.py
new file mode 100644
index 0000000..d180bce
--- /dev/null
+++ b/etc/aa_config.py
@@ -0,0 +1,27 @@
+# You shouldn't change these three lines unless you know what you are doing
+CONFIG = 'pysaml_config'                # PySAML2 Configuration file name
+IDENTITY_CACHE = "identity_cache"
+STATE_CACHE = "state_cache"
+METADATA_FILE=metadata.xml
+
+DEBUG=0
+
+# Should the SP sign the request
+SIGN=False
+
+# This depends on the AA configuration
+SP_NAME_QUALIFIER=""
+NAME_QUALIFIER="urn:oasis:names:tc:SAML:2.0:nameid-format:persistent"
+NAMEID_FORMAT="urn:oasis:names:tc:SAML:2.0:nameid-format:persistent"
+
+# This is necessary to pick information about the right AA from the metadata
+# file. This must be the entity ID of the AA not the endpoint
+ATTRIBUTE_AUTHORITY = "http://localhost:8088/"
+
+# Attribute filters per service@hostname
+# the key are GSS-Acceptor-Service-Name+':'+GSS-Acceptor-Host-Name
+# and the attribute names are the so called friendly-names
+
+ATTRIBUTE_FILTER = {
+    "ldap:example.com" : ["email", "givenName", "surname"],
+}
\ No newline at end of file