Shibboleth IdP- configuration with Active Directory
vaishali
vbprajapati39 at gmail.com
Wed Dec 5 01:39:10 EST 2018
Thanks, It works.
but after than while trying to release attributes from AD like
samaaccountname,mail etc
its not releasing the attributes even user consent page is not displayed.
attribute-resolver.xml contains:
<AttributeDefinition id="sAMAccountName" xsi:type="Simple"
sourceAttributeID="samaccountname">
<Dependency ref="myLDAP" />
<AttributeEncoder xsi:type="SAML1String"
name="urn:mace:dir:attribute-def:samaccountname" encodeType="false" />
<AttributeEncoder xsi:type="SAML2String"
name="urn:oid:1.2.840.113556.1.4.221" friendlyName="uid" encodeType="false"
/>
</AttributeDefinition>
<AttributeDefinition id="sAMAccountName" xsi:type="Simple"
sourceAttributeID="samaccountname">
<Dependency ref="myLDAP" />
<AttributeEncoder xsi:type="SAML1String"
name="urn:mace:dir:attribute-def:samaccountname" encodeType="false" />
<AttributeEncoder xsi:type="SAML2String"
name="urn:oid:1.2.840.113556.1.4.221" friendlyName="uid" encodeType="false"
/>
</AttributeDefinition>
<DataConnector id="myLDAP" xsi:type="LDAPDirectory"
ldapURL="%{idp.attribute.resolver.LDAP.ldapURL}"
baseDN="%{idp.attribute.resolver.LDAP.baseDN}"
principal="%{idp.attribute.resolver.LDAP.bindDN}"
principalCredential="%{idp.attribute.resolver.LDAP.bindDNCredential}"
connectTimeout="%{idp.attribute.resolver.LDAP.connectTimeout}"
responseTimeout="%{idp.attribute.resolver.LDAP.responseTimeout}">
<FilterTemplate>
</FilterTemplate>
</DataConnector>
attribute-filter contains:
<AttributeRule attributeID="sAMAccountName">
<PermitValueRule xsi:type="ANY" />
</AttributeRule>
<AttributeRule attributeID="mail">
<PermitValueRule xsi:type="ANY" />
</AttributeRule>
--
Sent from: http://shibboleth.1660669.n2.nabble.com/Shibboleth-Users-f1660767.html
More information about the users
mailing list