Change the "name=" value for the UID attribute definition for specific entityIDs
Jay Hoff
jeh26 at psu.edu
Tue Oct 3 10:33:42 EDT 2017
Hello,
Is it possible to change the value for a mapped attribute definition in the attribute-resolver.xml for a select few entityIDs, not globally for the IdP? I have the standard definition for the UID attribute in my attribute-resolver.xml file:
<resolver:AttributeDefinition xsi:type="ad:Simple" id="uid" sourceAttributeID="uid">
<resolver:Dependency ref="myLDAP" />
<resolver:AttributeEncoder xsi:type="enc:SAML1String" name="urn:mace:dir:attribute-def:uid" />
<resolver:AttributeEncoder xsi:type="enc:SAML2String" name="urn:oid:0.9.2342.19200300.100.1.1" friendlyName="uid" />
</resolver:AttributeDefinition>
The problem is that I have an SP that requires the released attribute to be name="uid", not name="urn:oid:0.9.2342.19200300.100.1.1", for the "uid" attribute.
The SP sees this:
<saml:AttributeStatement>
<saml:Attribute Name="urn:oid:0.9.2342.19200300.100.1.1" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="uid">
<saml2:AttributeValue xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion" xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:type="xsd:string">jeh26</saml2:AttributeValue>
</saml:Attribute>
But they want:
<AttributeStatement>
<Attribute Name="uid">
<AttributeValue>sus21</AttributeValue>
</Attribute>
</AttributeStatement>
In other words, it should say uid, not "urn:oid:0.9.2342.19200300.100.1.1" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="uid"
Any help is much appreciated.