IDP proxy - attribute
jebailie at vassar.edu
Fri Aug 14 16:54:44 UTC 2020
Ok, thanks for the info.
Stating a different way, the aim is to 'passthrough' an attribute from the
proxy to the SP.
For example, surname (which is released by the proxy and can be found in
<PolicyRequirementRule xsi:type="Issuer" value="
<PermitValueRule xsi:type="ANY" />
<DataConnector id="passthroughAttributes" xsi:type="Subject"
Most likely need more than this, any guidance would be greatly appreciated !
On Wed, Aug 12, 2020 at 7:08 PM Cantor, Scott <cantor.2 at osu.edu> wrote:
> > So we know that it is being 'exported' out of the proxy.
> No, some bogus, made-up SAML Attribute that is *not* defined by eduPerson
> is being exported. eduPerson attributes in SAML 2 have names derived from
> OIDs in the form of URNs. The defined mapping rules are correct out of the
> box. Passing data that is not correct will not be processed, and the
> message reflects that.
> > 1) What should the "value" of the issuer be?
> The entityID of the IdP you're proxying to is the issuer for a rule that
> handles acceptance, it's just the inverse of a release rule.
> > 2) It's not clear how to 'map' the incoming attribute to a
> Transcoding rule.
> I wouldn't in this particular case, but the documentation on creating
> custom rules is in the wiki.
> -- Scott
> For Consortium Member technical support, see
> To unsubscribe from this list send an email to
> users-unsubscribe at shibboleth.net
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the users