Attribute Filter rule for different Shibboleth SP that shared entityID
supakitk at sfsu.edu
Mon Apr 14 20:11:59 EDT 2014
We have integrated our IDP with two different SPs that they shared the same entity ID but different hostname
Host A: example1.com has entity ID as https://example1.com/shibboleth
Host B: example2.com has entity ID as https://example1.com/shibboleth
When look at the SP Metadata of Host A and Host B everything is identical except endpoint host of ArtifactResolutionService, SingleLogoutService, AssertionConsumerService are different.
Is there any way for IdP to set up attribute release rule (attribute-filter.xml) separately for Host A and Host B?
If it is possible with scripting (https://wiki.shibboleth.net/confluence/display/SHIB2/IdPFilterRequirementScript), do anyone have an example that check the hostname from the metadata endpoint URL.
Thank you so much,
More information about the users