eduPersonTargetedID - how is it constructed?
Rod Widdowson
rdw at steadingsoftware.com
Tue May 20 05:16:33 EDT 2014
> I'm not sure I understand what you mean by prepopulating a database.
> Does Shib IdP keep a database with users?
There is a data connector which does this:
https://wiki.shibboleth.net/confluence/display/SHIB2/ResolverStoredIDDataCon
nector
> Maybe Peter can do a "Shib For Dummies" while having drinks today.
> I'm thinking of patching SSP so that it accepts an optional
> configuration parameter to generate the same ePTID as Shib does.
> People migrating from Shib to SSP could then just flip this switch and
> everything would be good.
That would certainly be the most general solution. If you are happy enough
with Spring to be writing a plugin it would not be difficult either - you'll
find that there is about 98% boiler plate and 2% code.
Specifically you would want to define a Data Connector (with associated XML
Schema).
The User would then just configure the whole thing as usual:
<resolver:DataConnector xsi:type="yournameSpace:SimpleSamlComputedId"
id="computedID"
generatedAttributeID="computedID"
sourceAttributeID="uid"
salt="your random string here">
<resolver:Dependency ref="myLDAP" />
</resolver:DataConnector>
And the rest would be as usual.
Checkout the
https://wiki.shibboleth.net/confluence/display/SHIB2/Contributions page for
places where you might want to start looking for examples - I'd start with
the MDRPI filter code since it will plug in exactly the same manner - but
that’s code I'm very familiar with.
If you need more details which you cannot get sorted this week face to face,
I suggest you take this to the shib-dev list since we are getting a bit
technical now.
More information about the users
mailing list