Consent attribute values hashed?
Jann Malenkoff
jannmalenkoff at gmail.com
Tue Jul 4 00:40:33 EDT 2017
We need the database values for the attributes consented for release to be
in clear text -- but appears as below in the database storagerecords:
{"id":"studentNumber","v":"O7ocUQjrYOXxPjb9geKVd4CBsGHAodSz+YrzSLW2Hs8="
Not sure what I missed in configuring? Snippet from idp.properties:
# Set to "shibboleth.StorageService" or custom bean for alternate storage
of consent
idp.consent.StorageService = shibboleth.JPAStorageService
# Set to "shibboleth.consent.AttributeConsentStorageKey" to use an attribute
# to key user consent storage records (and set the attribute name)
idp.consent.userStorageKey = shibboleth.consent.PrincipalConsentStorageKey
idp.consent.userStorageKeyAttribute = uid
# Flags controlling how built-in attribute consent feature operates
idp.consent.allowDoNotRemember = false
idp.consent.allowGlobal = false
idp.consent.allowPerAttribute = false
# Whether attribute values and terms of use text are compared
idp.consent.compareValues = true
# Maximum number of consent records for space-limited storage (e.g. cookies)
idp.consent.maxStoredRecords = -1
# Maximum number of consent records for larger/server-side storage (0 = no
limit)
#idp.consent.expandedMaxStoredRecords = 0
# Time in milliseconds to expire consent storage records.
idp.consent.storageRecordLifetime = P1Y
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://shibboleth.net/pipermail/users/attachments/20170703/1f891207/attachment.html>
More information about the users
mailing list