saml:AuthenticatingAuthority and Assertion Extraction
Cantor, Scott
cantor.2 at osu.edu
Thu Apr 24 10:48:22 EDT 2014
On 4/24/14, 10:39 AM, "Andy Bennett" <andyjpb at knodium.com> wrote:
>
>I've got exportAssertion="true" set on <Host ...> in <RequestMap> in
><RequestMapper ...> in shibboleth2.xml and I'm seeing
>Shib-Identity-Provider CGI variables but I've *never* seen any
>Shib-Assertion-Count or Shib-Assertion-NN CGI variables.
https://wiki.shibboleth.net/confluence/display/SHIB2/NativeSPAssertionExpor
t
You don't have exportLocation or exportACL set, I would imagine.
>https://wiki.shibboleth.net/confluence/display/SHIB2/NativeSPAttributeExtr
>actor#NativeSPAttributeExtractor-XMLAttributeExtractor
>
>seems to claim that an XML AttributeExtractor can extract things from
><saml2:Assertion> but I'm not sure what syntax to put in
>attribute-map.xml to make this work.
It handles Attributes and NameIDs, that's it. If you tell me what text
implies otherwise, I'll adjust it.
>https://wiki.shibboleth.net/confluence/display/SHIB2/NativeSPAttributeExtr
>actor#NativeSPAttributeExtractor-AssertionAttributeExtractor%28Version2.5a
>ndAbove%29
>
>seems to imply that I might not be able to do this without upgrading to
>the 2.5 SP software.
Again, please tell me what implies that and I can fix it. The version
indicator is there.
>A bit of Googling suggests there were some commits over 2 years ago
>which added some kind of functionality along these lines but it's not
>clear what release they went into.
Assertion AttributeExtractor (Version 2.5 and Above)
-- Scott
More information about the users
mailing list