Questions about returning roles in the Assertion
yaowen.tu at gmail.com
Thu Aug 30 21:14:44 EDT 2012
I have some questions about returning roles in the Assertion. I understand
that this mail list might not be the ideal place to ask such question, but
I just hope whether people can give me some ideas.
1) How to return a list of roles if Shib IdP is connecting to a LDAP? Maybe
this is more of a LDAP question, but I have tried to googled around, still
cannot find the answer.
Currently I can get all the attributes by:
What if in the LDAP it also has role definitions, and defined
which users belong to which roles. Would it be possible to retrieve a list
of roles of a particular user?
I am not very familiar with LDAP, so I hope that people in this list
have done similar things before.
2) This is more of a general or best practice question: Is it common to
include role information in the Assertion? For existing IdP providers
especially those enterprise applications, what kind of information is
usually included in the Assertion?
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the users