Creation of new attribute from script

Wed Jan 4 19:12:04 GMT 2012

Your 'uniqueUid' is an attribute, not a value.  Use

  uniqueUid.getValues().add(some_value);

Jim

On Wed, 4 Jan 2012, Terry Soucy wrote:

> Date: Wed, 4 Jan 2012 10:47:06 -0800
> From: Terry Soucy <terry.soucy at unb.ca>
> To: Shib Users <users at shibboleth.net>
> Reply-To: Shib Users <users at shibboleth.net>
> Subject: Creation of new attribute from script
> 
> I'm trying to create a new attribute that will return either the uid or another uid, based on values in objectClass (unbCaAlumni).  The object of this exercise is to create an attribute that will return the uniqueUid of a record for use with the StoredId procedure.  I'm finding that when I have the attribute definition for uniqueUid active in the shibboleth config, I get the following error ..
>
> 14:20:57.476 - WARN [edu.internet2.middleware.shibboleth.idp.profile.saml2.AbstractSAML2ProfileHandler:478] - Error resolving attributes for principal 'tsoucy'.  No name identifier or attribute statement will be included in response
>
> .. and that's without changing the StoredId procedure, just the inclusion of the uniqueUid definition.
>
> Any thoughts?
>
> Terry Soucy
>
>
>
> Attribute definition ..
>
>    <resolver:AttributeDefinition
>            xsi:type="Script"
>            id="uniqueUid"
>            xmlns="urn:mace:shibboleth:2.0:resolver:ad">
>        <resolver:Dependency ref="myLDAP" />
>        <resolver:AttributeEncoder
>                xsi:type="enc:SAML2String"
>                name="urn:oid:0.9.2342.19200300.100.1.1"
>                friendlyName="uniqueUid" />
>        <Script><![CDATA[
>            importPackage(Packages.edu.internet2.middleware.shibboleth.common.attribute.provider);
>
>            // Create attribute to be returned from definition
>            uniqueUid = new BasicAttribute("uniqueUid");
>            for (i = 0; objectClass != null && i < objectClass.getValues().size(); i++) {
>                value = objectClass.getValues().get(i);
>                if (value.equalsIgnoreCase("unbcaalumni")) {
>                    uniqueUid = unbCaAlumniUid.getValues().get(0);
>                } else {
>                    uniqueUid = uid.getValues().get(0);
>                }
>            }
>        ]]></Script>
>    </resolver:AttributeDefinition>
>
>
> StoredId data connector definition ..
>
>    <!-- Persistent ID data connector -->
>    <resolver:DataConnector id="StoredId"
>        xsi:type="StoredId"
>        xmlns="urn:mace:shibboleth:2.0:resolver:dc"
>        sourceAttributeID="uid"
>        generatedAttributeID="persistentID"
>        salt="Ru5awBi7rzuewGH0P0kCKr9vfSbkq0YxKKYzI2HxmN2ghaBY">
>        <resolver:Dependency ref="uid" />
>        <dc:ApplicationManagedConnection
>            jdbcDriver="com.mysql.jdbc.Driver"
>            jdbcURL="jdbc:mysql://unbmysql.unb.ca:3306/shibboleth?autoReconnect=true"
>            jdbcUserName="shibbolethUser"
>            jdbcPassword="shibbolethPassword" />
>    </resolver:DataConnector>
>
>
> --
> Terry Soucy, Systems Analyst             Information Technology Services
> University of New Brunswick, Fredericton Campus  http://www.unbf.ca/its
> Voice: 506.447.3018     Fax: 506.453.3590    E-mail: terry.soucy at unb.ca
> **    ITS is a scent-reduced workplace - www.unbf.ca/its/policies    **
>
>
>
>
>
> --
> To unsubscribe from this list send an email to users-unsubscribe at shibboleth.net
>