How to pass Sp entityId from Idp to Shibboleth Sp?
waheedtechblog at gmail.com
Mon Dec 14 09:52:00 EST 2015
Thanks for the reply.
#1: I have some mapping based on Shibboleth entity Id into my database
table, I am able to connect to database using RelationalDatabase
DataConnector but to get value from DB I need entityId.
#2. Here, I want to understand both part:
I) I can see entityId as Audience but I am not sure how to retrieve it
as SP side.? Could you point me to some link or some references so that I
can retrieve SP entityId as well as Idp entityId ?
2) I have a idea about Script DataConnector and how to release custom
Attribute but I don't know how to retrieve these value in Script?
Thanks in Advance.
On Mon, Dec 14, 2015 at 7:28 PM, Peter Schober <peter.schober at univie.ac.at>
> * Abdul Waheed <waheedtechblog at gmail.com> [2015-12-14 14:31]:
> > I am not sure but is it possible to pass entityId in AuthnStatement to
> > Shibboleth SP? I am already sending uid in response AuthnStatement.
> 1. Why do you want this?
> 2. The Shib IDP should already put the name (entityID) of the SP into
> the AuthnStatement, as part of the AudienceRestriction element:
> > Let me know if this is possible or is there any way to get Shibboleth
> > entityId attribute in IdP attribute-resolver.xml file.
> If you want to put the entityID into an attribute it will not be part
> of the AuthnStatement, which is what you asked about above. It would
> then bean the CDATA content of an AttributeValue element as part of
> an AttributeStatement.
> Ignoring that, a Script-type attribute definition has accesst to the
> relevant contexts and if you really wanted you could create a custom
> attribute with the entityID value of the current relying party into.
> The specifics depend on the IDP version, among others.
> To unsubscribe from this list send an email to
> users-unsubscribe at shibboleth.net
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the users