metadata-driven attribute definition
Joshua Dachman
jdachman at gmail.com
Sun Jul 14 17:02:10 EDT 2019
The idea is to be metadata-driven here. Yes, the same can currently be
achieved through addition of tags in attribute-resolver.xml, but then every
time an SP desires a custom mapping it must be added there rather than in
the SP's metadata.
Thank you,
Joshua Dachman
On Sun, Jul 14, 2019 at 2:41 PM Ian Young <ian at iay.org.uk> wrote:
>
> On 14 Jul 2019, at 17:52, Joshua Dachman <jdachman at gmail.com> wrote:
>
> This is a situation where the IDP has control over the SP metadata so the
> "mess" will be kept internal.
>
>
> If the IdP is the driver here, it would seem like the more obvious and
> less indirect approach would be to put the mapping rules you require into
> the IdP's configuration and cut out the middle-man. It would probably be
> simplest to express in terms of per-entity attribute release rules, though.
>
> Is there something about your use case that you haven't mentioned which
> means that approach can't be used?
>
> -- Ian
>
>
>
>
> --
> For Consortium Member technical support, see
> https://wiki.shibboleth.net/confluence/x/coFAAg
> To unsubscribe from this list send an email to
> users-unsubscribe at shibboleth.net
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://shibboleth.net/pipermail/users/attachments/20190714/e68848b9/attachment.html>
More information about the users
mailing list