Unexpected behaviour of specified - but missing - filter plugin
Description
An attribute-policy.xml file containing nothing but the AttributePolicyGroup tags with no children will lead to all attributes/values being filtered out, as expected, since we're not explicitly allowing anything through. But if the attribute-policy.xml file is simply missing (but configured in shibboleth2.xml), then all attributes/values are allowed through - which is not what I would expect. I would expect a configured but missing policy and a configured policy that is present but essentially empty (i.e. only the childless AttributePolicyGroup tag) to be functionally equivalent.
So the behaviour that makes most sense would be that if there is a filter plugin specified, but it fails to load, a deny-all policy should be put in place.
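A deployment-side check for the condition described in this report, as an added example that is not part of the original report or of the Shibboleth code base: it flags every filter policy file that shibboleth2.xml references but that is missing or does not parse. It assumes file-backed filters are declared as an `AttributeFilter` element with a `path` attribute and that relative paths resolve against the directory holding shibboleth2.xml; the function names and the sample config are constructed for illustration.

```python
import os
import tempfile
import xml.etree.ElementTree as ET


def audit_attribute_filters(sp_config):
    """Return [(policy_path, status)] for each file-backed AttributeFilter.

    status is "ok", "missing" or "unparseable". Anything other than "ok" is
    the configured-but-not-loaded case the report describes.
    """
    base = os.path.dirname(os.path.abspath(sp_config))
    results = []
    for elem in ET.parse(sp_config).iter():
        # Match on local name so the check works for any config namespace.
        if elem.tag.rsplit("}", 1)[-1] != "AttributeFilter":
            continue
        path = elem.get("path")  # assumption: file-backed filters use path=
        if not path:
            continue
        full = os.path.join(base, path)  # an absolute path overrides base
        if not os.path.isfile(full):
            status = "missing"
        else:
            try:
                ET.parse(full)
                status = "ok"
            except ET.ParseError:
                status = "unparseable"
        results.append((full, status))
    return results


def demo():
    # Constructed sample config; the namespace and file names are illustrative.
    cfg = ('<SPConfig xmlns="urn:example:sp:config"><ApplicationDefaults>'
           '<AttributeFilter type="XML" path="attribute-policy.xml"/>'
           '</ApplicationDefaults></SPConfig>')
    with tempfile.TemporaryDirectory() as d:
        sp = os.path.join(d, "shibboleth2.xml")
        with open(sp, "w") as f:
            f.write(cfg)
        before = [s for _, s in audit_attribute_filters(sp)]
        # An empty policy group: present, parseable, and allows nothing.
        with open(os.path.join(d, "attribute-policy.xml"), "w") as f:
            f.write("<AttributePolicyGroup/>")
        after = [s for _, s in audit_attribute_filters(sp)]
    return before, after


if __name__ == "__main__":
    print(demo())
```

Running such a check before a service restart or in configuration CI catches the fail-open case without depending on how the filter loader itself handles a load failure.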