Attribute Filter rule for different Shibboleth SP that shared entityID
Supakit Kiatrungrit
supakitk at sfsu.edu
Tue Apr 15 20:10:59 EDT 2014
Hi Peter,
Thank you so much for your information. Really appreciate your help on this.
Thanks,
Nat
On Apr 15, 2014, at 12:57 AM, Peter Schober <peter.schober at univie.ac.at> wrote:
> * Peter Schober <peter.schober at univie.ac.at> [2014-04-15 09:33]:
>> * Supakit Kiatrungrit <supakitk at sfsu.edu> [2014-04-15 02:12]:
>>> If it is possible with scripting
>>> (https://wiki.shibboleth.net/confluence/display/SHIB2/IdPFilterRequirementScript),
>>> do anyone have an example that check the hostname from the metadata
>>> endpoint URL.
>>
>> You'll probably need to look at the code or have some of the
>> developers comment on whether e.g. the some of the APIs available to
>> the resolver ("Information Available to the Script"[1]) are also
>> available in the filter context.
>
> Looking at the API docs:
>
> https://build.shibboleth.net/nexus/service/local/repositories/releases/archive/edu/internet2/middleware/shibboleth-common/1.4.0/shibboleth-common-1.4.0-javadoc.jar/!/edu/internet2/middleware/shibboleth/common/attribute/filtering/provider/package-summary.html
>
> I would /guess/ you'd be able get at it via ShibbolethFilteringContext
> and its getAttributeRequestContext() method, the resulting
> SAMLProfileRequestContext and its getPeerEntityEndpoint() which will
> give you an Endpoint, which has getBinding(), getLocation and
> getResponseLocation() methods.
> -peter
> --
> To unsubscribe from this list send an email to users-unsubscribe at shibboleth.net
>
More information about the users
mailing list