In Manage there is a new attribute to prevent existing values to be edited: disabledAfterPersisted: true
(Some) questions to be answered:
[x] Do SRAM services need an ARP?
No; SRAM has a fixed ARP which does not need to be administered separately in Manage.
[ ] Do SRAM services need to specify IdP for the connect-to-IdP matrix?
No; all SRAM Services are available to the same set of IdPs (to be determined how to manage that; maybe simply use the IdPs that are connected to the main SRAM/SBS instance in the regular SP/RP table)
[ ] Which IdP's need to be allowed access to SRAM services? Fixed set?
see above
[x] Do SRAM services need attribute manipulation?
We currently don't support this, but this would be a nice to have in the future
[x] Do we want to show SRAM services in IdP dashboard?
No, only SRAM as a whole
[x] Can SRAM services be used in PdP policies?
No; SRAM not for now.
[x] Do SRAM SAML services require valid MetaData (either upload or URL), or do we allow for manual ACS input?
Yes; Either Upload or MetaData URL.
Tasks:
[x] SBS: New DB columns SBS Services
[x] SBS: Extra UI for Service Request
[x] SBS: Extra UI-tabs for Service Details
[ ] SBS: Sync SBS to Manage (periodically and manual from systems tab)
[ ] SBS: Sync SBS to Manage with defaults for Connected IDP's (same set as connected to main SRAM SP)
[x] SBS: Sync SBS to Manage with defaults for ARP (same attributes as main SRAM SP)
[x] SBS: Sync on update
[x] Manage: New schema for SRAM services (can be OIDC or SAML protocol)
Store the minimal required set of attributes in Manage to use in the EB login flow. See for details https://confluence.ia.surf.nl/pages/viewpage.action?spaceKey=TIINN&title=SRAM-Manage+integratie
In Manage there is a new attribute to prevent existing values to be edited:
disabledAfterPersisted: true
(Some) questions to be answered:
Tasks: