Dynamic Custom Attribute Values
Cantor, Scott
cantor.2 at osu.edu
Fri Nov 16 16:46:20 EST 2012
On 11/16/12 4:40 PM, "Royder, Kyle D" <kroyder at austin.utexas.edu> wrote:
>Is it possible, using the out-of-box Shibboleth IdP v2, to create a new
>attribute that is populated from LDAP attribute values conditionally
>based on other LDAP attributes for the user that is authenticating?
Scriptlet almost certainly.
Or perhaps the Template definition. That one can execute mini-conditionals
using the Velocity macro syntax and it can pull from different source
attributes.
I have something like this:
<ad:Template><![CDATA[#if ($term_code ==
0)${role}@urn:mace:osu.edu:course:${enroll_yyyyq_code}:${subject}:${catalog
_num}#else${role}@urn:mace:osu.edu:course:${enroll_yyyyq_code}.${term_code}
:${subject}:${catalog_num}#end]]></ad:Template>
It's not terribly readable, but then that's what Scriptlets are for.
-- Scott
More information about the users
mailing list