Allow all attributes to an SP

Christopher Bongaarts cab at umn.edu
Fri May 6 18:18:19 EDT 2016


On 5/6/2016 4:43 PM, Jim Fox wrote:
>
>> Obviously I could make an AttributeFilterPolicy with an appropriate 
>> PolicyRequirementRule limiting application to the particular SP, and 
>> then
>> explicitly list every attribute in an AttributeRule individually, but 
>> ow, my wrists.
>>
>> Is there a simpler way to do this?
>>
>
> Some combination of grep, sed, awk, echo.

I ended up using Perl since it's what I know best.

#!/usr/bin/perl
#
# usage: find_attrs $IDP_HOME/conf/attribute-resolver.xml
# output: AttributeRules to paste into filter file

use strict;
use XML::Parser;

my $parser = new XML::Parser ( Handlers => { Start => \&h_start });
$parser->parsefile(shift);

sub h_start {
   my ($p, $elt, %attr) = @_;
   if ($elt eq 'resolver:AttributeDefinition') {
     print '<AttributeRule attributeID="',$attr{id},'"><PermitValueRule 
xsi:type="ANY"></AttributeRule>', "\n";
   }
}

-- 
%%  Christopher A. Bongaarts   %%  cab at umn.edu          %%
%%  OIT - Identity Management  %%  http://umn.edu/~cab  %%
%%  University of Minnesota    %%  +1 (612) 625-1809    %%

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://shibboleth.net/pipermail/users/attachments/20160506/3449484c/attachment.html>


More information about the users mailing list