SP, obtaining extra attributes about a user
Cantor, Scott
cantor.2 at osu.edu
Fri May 17 12:17:47 EDT 2019
On 5/17/19, 12:09 PM, "users on behalf of Steven Carmody" <users-bounces at shibboleth.net on behalf of steven_carmody at brown.edu> wrote:
> So, I'd receive an Assertion from an external IDP, and then use the
> received EPPN to construct a query against my local IDP (which would
> access my local ldap server).
Doesn't have to be EPPN specifically, but yes.
> I'd get back (among other attributes) any isMemberOf values associated with that user ... ?
Or whatever you program it to ask for or return, yes. They go through the same layers of processing as the original SAML Attributes do, extraction, filtering, transforms, etc.
-- Scott
More information about the users
mailing list