eduPersonTargetedID
Etan Weintraub
eweintra at jhmi.edu
Fri Apr 26 14:14:26 EDT 2013
Not 100% sure, but I think you need to change xsi:type="ad:SAML2NameID" to xsi:type="Script".
-Etan E. Weintraub
Sr. Systems Engineer
Directory Architecture
IT at Johns Hopkins
Johns Hopkins at Mt. Washington
5801 Smith Ave.
Suite 3110B
Baltimore, MD 21209
Phone: 410-735-7945
E-mail: eweintra at jhmi.edu
-----Original Message-----
From: users-bounces at shibboleth.net [mailto:users-bounces at shibboleth.net] On Behalf Of Qian, Yi
Sent: Friday, April 26, 2013 2:08 PM
To: Shib Users
Subject: eduPersonTargetedID
Hello,
Our eduPersonTargetedID just follows shibboleth wiki, including 2 parts
idp entity id, sp entity id and encoded uid, separated by !
Manager wants the last part to be encoded idp entity id + sp entity id +
uid. I tried to use script attribute definition. But got "Invalid content
was found starting with element 'Script'. One of
'{"urn:mace:shibboleth:2.0:resolver":AttributeEncoder}' is expected." error
Here is my attribute resolver, I have attribute Encoder defined.
<resolver:AttributeDefinition xsi:type="ad:SAML2NameID"
id="eduPersonTargetedID"
nameIdFormat="urn:oasis:names:tc:SAML:2.0:nameid-format:persistent"
sourceAttributeID="computedID">
<resolver:Dependency ref="computedID" />
<resolver:AttributeEncoder xsi:type="enc:SAML1XMLObject"
name="urn:oid:1.3.6.1.4.1.5923.1.1.1.10" />
<resolver:AttributeEncoder xsi:type="enc:SAML2XMLObject"
name="urn:oid:1.3.6.1.4.1.5923.1.1.1.10"
friendlyName="eduPersonTargetedID" />
<Script>
<![CDATA[
importPackage(Package.org.opensaml.saml2.core.impl.BaseIDImpl);
BaseID baseID = new BaseIDImpl();
idpNameQualifier =
"https://shibidptstwb1.cc.ku.edu/idp/shibboleth";
spNameQualifier = baseID.getSPNameQualifier();
computedID = idpNameQualifier + spNameQualifier + computedID;
]]>
</Script>
</resolver:AttributeDefinition>
Regards,
Yi
--
To unsubscribe from this list send an email to users-unsubscribe at shibboleth.net
More information about the users
mailing list