Authorization using shibboleth sso

Peter Schober peter.schober at
Fri Nov 28 07:40:45 EST 2014

* Surinaidu Majji <pioneer.suri at> [2014-11-28 13:30]:
> So Please tell me, how to deal with attribute-resolver.xml to add
> our permissions for authorization.

You add whatever data you (i.e., the SP) needs to perform access
control, same as with any existing attributes.
E.g. if the SP requires a subject to have a specific affiliation, you
add the affiliation attribute definition to your resolver (and either
lookup the info from some system the IDP has access to, or generate
the value in the IDP on-the-fly).

More information about the users mailing list