Attributes Values Based on Presence of LDAP Attribute
Peter Schober
peter.schober at univie.ac.at
Tue May 20 21:16:57 EDT 2014
* Jason <shibboleth at happycat.org.uk> [2014-05-21 03:04]:
> My question is this: for users that don't have the attribute in LDAP,
> is it possible to have the IdP still return some value in the
> attribute statement? If so, what's the best way to do that?
https://wiki.shibboleth.net/confluence/display/SHIB2/IdPAddAttribute#IdPAddAttribute-AttributeDefinition
I don't think Mapped attribute definitions will work here, maybe
Template would work, but Script certinainly does. Something like:
if (typeof Application == "undefined" || Application == null)
{
var Application = new BasicAttribute("Application");
Application.getValues().add("Foo");
}
Full examples in the wiki, at
https://wiki.shibboleth.net/confluence/display/SHIB2/ResolverScriptAttributeDefinition
-peter
More information about the users
mailing list