How to put the principal name to an attribute?
Yaowen Tu
yaowen.tu at gmail.com
Thu Aug 9 21:15:53 EDT 2012
Hi,
I have implemented a customized LoginModule, which is used by IdP to do the
real authentication. This part is working now. Next part I want to do is
put the username into Assertion and release it to SP.
I know that the best way to do is implementing a customized DataConnector,
but I am wondering whether it is possible to eliminate this, since all the
IdP will expose is just a "username". The username is just a principal name
which is already available after user login.
My question is in the attribute-resolver.xml, how can I configure it to get
the principal name and put into an attribute?
I am looking for something like:
<resolver:AttributeDefinition xsi:type="ad:Simple" id="username"
sourceAttributeID="$PrincipalName$">
<resolver:AttributeEncoder xsi:type="enc:SAML1String"
name="urn:mace:dir:attribute-def:mail" />
<resolver:AttributeEncoder xsi:type="enc:SAML2String"
xmlns="urn:mace:shibboleth:2.0:attribute:encoder"/>
</resolver:AttributeDefinition>
Is that feasible?
Best,
Yaowen
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://shibboleth.net/pipermail/users/attachments/20120809/60323c8d/attachment-0001.html
More information about the users
mailing list