How to put the principal name to an attribute?
Nate Klingenstein
ndk at internet2.edu
Thu Aug 9 21:23:42 EDT 2012
Yaowen,
Try:
https://wiki.shibboleth.net/confluence/display/SHIB2/ResolverPrincipalNameDefinition
Take care,
Nate.
On Aug 10, 2012, at 1:15 , Yaowen Tu wrote:
> Hi,
>
> I have implemented a customized LoginModule, which is used by IdP to
> do the real authentication. This part is working now. Next part I
> want to do is put the username into Assertion and release it to SP.
>
> I know that the best way to do is implementing a customized
> DataConnector, but I am wondering whether it is possible to
> eliminate this, since all the IdP will expose is just a "username".
> The username is just a principal name which is already available
> after user login.
>
> My question is in the attribute-resolver.xml, how can I configure it
> to get the principal name and put into an attribute?
>
> I am looking for something like:
>
> <resolver:AttributeDefinition xsi:type="ad:Simple" id="username"
> sourceAttributeID="$PrincipalName$">
> <resolver:AttributeEncoder xsi:type="enc:SAML1String" name="urn:mace:dir:attribute-def:mail
> " />
> <resolver:AttributeEncoder xsi:type="enc:SAML2String" xmlns="urn:mace:shibboleth:2.0:attribute:encoder
> "/>
> </resolver:AttributeDefinition>
>
> Is that feasible?
>
> Best,
> Yaowen
> --
> To unsubscribe from this list send an email to users-unsubscribe at shibboleth.net
More information about the users
mailing list