FIXED: Porting advanced v2 resolver config to v3
Marvin Addison
marvin.addison at gmail.com
Wed Feb 11 10:43:04 EST 2015
I got this working by making two changes you can see in this diff:
- <resolver:DataConnector id="edEntitlement" xsi:type="dc:LDAPDirectory"
-
springResources="%{idp.home}/conf/ed-entitlement-data-connector.xml" />
+ <resolver:DataConnector id="edEntitlement" xsi:type="dc:LDAPDirectory"
springResources="%{idp.home}/conf/ed-entitlement-data-connector.xml">
+ <resolver:Dependency ref="edPerson" />
+ <dc:ResultCache elementTimeToLive="PT10S" maximumCachedElements="200"
/>
+ </resolver:DataConnector>
I'm fairly certain that the root cause is that I was missing a dependency
reference. I defined the ResultCache here since the config was more
succinct, though it still seems like the cache is not shared between data
connectors with that config; if that's correct then cache sharing isn't
needed. I don't care about caching mechanics as long as attribute
resolution works, which it does.
Also, I want to clarify that expressions like the following still work in
v3:
(entitled=uid=$uid.get(0),ou=people,dc=vt,dc=edu)
Where $uid is an attribute resolved by a dependency data connector.
M
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://shibboleth.net/pipermail/users/attachments/20150211/7f07b4fd/attachment-0001.html
More information about the users
mailing list