Attribute Filter rule for different Shibboleth SP that shared entityID
Peter Schober
peter.schober at univie.ac.at
Tue Apr 15 03:57:50 EDT 2014
* Peter Schober <peter.schober at univie.ac.at> [2014-04-15 09:33]:
> * Supakit Kiatrungrit <supakitk at sfsu.edu> [2014-04-15 02:12]:
> > If it is possible with scripting
> > (https://wiki.shibboleth.net/confluence/display/SHIB2/IdPFilterRequirementScript),
> > do anyone have an example that check the hostname from the metadata
> > endpoint URL.
>
> You'll probably need to look at the code or have some of the
> developers comment on whether e.g. the some of the APIs available to
> the resolver ("Information Available to the Script"[1]) are also
> available in the filter context.
Looking at the API docs:
https://build.shibboleth.net/nexus/service/local/repositories/releases/archive/edu/internet2/middleware/shibboleth-common/1.4.0/shibboleth-common-1.4.0-javadoc.jar/!/edu/internet2/middleware/shibboleth/common/attribute/filtering/provider/package-summary.html
I would /guess/ you'd be able get at it via ShibbolethFilteringContext
and its getAttributeRequestContext() method, the resulting
SAMLProfileRequestContext and its getPeerEntityEndpoint() which will
give you an Endpoint, which has getBinding(), getLocation and
getResponseLocation() methods.
-peter
More information about the users
mailing list