AW: Attribute Filter for AttributeRequest

Rosenfeld, Waldemar (extern) waldemar.rosenfeld.extern at
Thu Jul 5 05:38:30 EDT 2018

Perfect, thank you very much for this hint :)
My solution, if anybody needs something like this:
    <AttributeFilterPolicy id="SPExampleAttributeRequest">
        <PolicyRequirementRule xsi:type="AND">
                <Rule xsi:type="Requester" value=""
                <Rule xsi:type="Script" language="JavaScript">
                                boolType = Java.type("java.lang.Boolean");
                                context = profileContext.getProfileId();
                                        result = new boolType(true);
                                } else {
                                        result = new boolType(false);
        <AttributeRule attributeID="isMemberOf"

-----Ursprüngliche Nachricht-----
Von: users <users-bounces at> Im Auftrag von Rod Widdowson
Gesendet: Mittwoch, 4. Juli 2018 17:46
An: 'Shib Users' <users at>
Betreff: RE: Attribute Filter for AttributeRequest

> I suspect that you could dig into the ProfileRequestContext to get the
profile being run and fire that up with a PredicateFilter.

Something like:

<bean parent="shibboleth.Conditions.Expression"
es/saml2/query/attribute')" />

would be a rough first estimate if where to start.  


For Consortium Member technical support, see
To unsubscribe from this list send an email to
users-unsubscribe at
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 5959 bytes
Desc: not available
URL: <>

More information about the users mailing list