New attribute filter help

Morris, Andi amorris at
Fri Sep 30 16:53:15 BST 2011

Hi all,
I've just been asked to release some new attributes for a service that our library uses.  The information is in the text below.
For Shibboleth users, we are expecting to receive the following attributes:
     > An attribute with a name that matches the regular expression (ignoring case) ".*OASCOPED.URN.MACE.DIR_ATTRIBUTE.DEF.EDUPERSONTARGETEDID.*". The value should be some sort if ID representing the logged in user followed by =@"idpdomain"


  > An attribute with a name that matches the regular expression".*IDP.ENTITY.*". The value should be the EntityID of the Identity provider.
An example would be [OA_IDP_ENTITY] =>

Now, we already release the EDUPERSONTARGETEDID, but not with that expression.  Ours is:

    <resolver:AttributeDefinition xsi:type="ad:SAML2NameID" id="eduPersonTargetedID"

                                  nameIdFormat="urn:oasis:names:tc:SAML:2.0:nameid-format:persistent" sourceAttributeID="computedID">

        <resolver:Dependency ref="computedID" />

        <resolver:AttributeEncoder xsi:type="enc:SAML1XMLObject" name="urn:oid:" />

        <resolver:AttributeEncoder xsi:type="enc:SAML2XMLObject" name="urn:oid:" friendlyName="eduPersonTargetedID" />


Will that work?

Also, is there a way I can release the EntityID as an attribute?

I'm quite new to all this, and have read the attribute section of the documentation, but it's not quite all sunk in yet.  Any help would be appreciated.


-------------- next part --------------
An HTML attachment was scrubbed...

More information about the users mailing list