custom attribute question

Daksh Chauhan um.daksh at
Thu Nov 15 16:39:08 EST 2012

We have Shibboleth IdP 2.3.8 running on SuSE Linux Enterprise 11 - SP2

We have a custom attribute defined in LDAP to store Email-aliases and need
help to configure this in Shibboleth.

I am following this guide:

Following is in my "attribute-resolver.xml"
    <resolver:AttributeDefinition xsi:type="ad:Simple"
               id="emailalias" sourceAttributeID="emailalias">
        <resolver:Dependency ref="myLDAP" />

And following is in "attribute-filter.xml":
<afp:AttributeRule attributeID="emailalias">
<afp:PermitValueRule xsi:type="basic:ANY" />

I know this attribute is released by LDAP for the user shibboleth is using
for bind, but when I run I do not see this attribute in the result.

I would like to make sure that what I have in config files is correct and if
the guide I am following is correct one to use?

Note: I have also tried following in attribute-resolver.xml, but that did
not make any difference:
    <resolver:AttributeDefinition xsi:type="Simple"
               id="emailalias" sourceAttributeID="emailalias">
        <resolver:Dependency ref="myLDAP" />

Any guidance is greatly appreciated,


More information about the users mailing list