Using a custom attribute as the eppn

Philip Durbin philip_durbin at
Tue Aug 16 09:30:20 EDT 2016

It looks like Alex got integration between SimpleSAMLphp IdP and
Dataverse working using eppn! He wrote, "I modified attribute-map.xml
and removed the AttributeDecoder from the eppn definition.  I also
commented out the AttributeRule for eppn in attribute-policy.xml,
although this might be unnecessary after the change to attribute-map"
and more details can be found there.

On Tue, Aug 9, 2016 at 2:51 PM, Cantor, Scott <cantor.2 at> wrote:
> Somebody should get this application to stop requiring a header called "eppn". Applications should not be dictating the name of the data element they consume. Hacking things into specifically named headers is a recipe for a lot of confusion.

Scott, I work on the application in question (Dataverse) but I'm
having trouble understanding what you want. If you're saying that
Dataverse should be more flexible in accepting a variety of attributes
to uniquely identify users such as eppn, ePTID, NameID, and others, I
have already opened an issue about this at and comments are very
welcome! If you're saying something else, please advise! Here's where
I document which attributes are required:



p.s. In developing Shibboleth support for Dataverse as an SP I have been
heavily influenced by the attributes sent by the IdP at . I basically took a look at (output below) as a
starting point for what attributes are reasonable to expect from an

Session Expiration (barring inactivity): 479 minute(s)
Client Address:
SSO Protocol: urn:oasis:names:tc:SAML:2.0:protocol
Identity Provider:
Authentication Time: 2016-08-15T13:50:02.774Z
Authentication Context Class:
Authentication Context Decl: (none)

affiliation: Member at;Staff at
cn: Me Myself And I
entitlement: urn:mace:dir:entitlement:common-lib-terms
eppn: myself at
givenName: Me Myself
sn: And I
telephoneNumber: 555-5555
uid: myself
unscoped-affiliation: Member;Staff

Philip Durbin
Software Developer for
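
In a Shibboleth SP's stock configuration, the eppn decoder and policy rule mentioned in the message are what split the value at "@" and check the scope against the shibmd:Scope entries in the issuing IdP's metadata. The sketch below is an added illustration of that check, not code from this thread, Dataverse or Shibboleth; the metadata fragment, scopes, eppn values and function names are constructed for the example.

```python
import re
import xml.etree.ElementTree as ET

SHIBMD = "urn:mace:shibboleth:metadata:1.0"

# Constructed IdP metadata fragment; the entityID and scopes are sample values.
IDP_METADATA = r"""
<EntityDescriptor xmlns="urn:oasis:names:tc:SAML:2.0:metadata"
                  xmlns:shibmd="urn:mace:shibboleth:metadata:1.0"
                  entityID="https://idp.example.org/idp">
  <IDPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol">
    <Extensions>
      <shibmd:Scope regexp="false">example.org</shibmd:Scope>
      <shibmd:Scope regexp="true">^[a-z]+\.example\.org$</shibmd:Scope>
    </Extensions>
  </IDPSSODescriptor>
</EntityDescriptor>
"""

def load_scopes(metadata_xml):
    """Return [(pattern, is_regexp)] for every shibmd:Scope in the metadata."""
    root = ET.fromstring(metadata_xml.strip())
    scopes = []
    for el in root.iter("{%s}Scope" % SHIBMD):
        is_regexp = el.get("regexp", "false").strip() in ("true", "1")
        scopes.append(((el.text or "").strip(), is_regexp))
    return scopes

def scope_allowed(scope, scopes):
    """True if this IdP's metadata lists the scope, literally or by regexp."""
    for pattern, is_regexp in scopes:
        if is_regexp and re.fullmatch(pattern, scope):
            return True
        if not is_regexp and scope == pattern:
            return True
    return False

def filter_eppn(values, scopes):
    """Keep only local@scope values whose scope the issuing IdP may assert."""
    accepted = []
    for value in values:
        local, sep, scope = value.partition("@")
        if not sep or not local or not scope or "@" in scope:
            continue  # not a well-formed scoped value
        if scope_allowed(scope, scopes):
            accepted.append(value)
    return accepted

if __name__ == "__main__":
    received = ["myself@example.org", "myself@other.example", "myself"]
    print(filter_eppn(received, load_scopes(IDP_METADATA)))
```

An SP that stops treating eppn as a scoped attribute passes the value through as a plain string, so a check like this has to happen somewhere else before the application trusts eppn as a unique identifier.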

