Reading groups membership in Shibboleth 4.0.1
Brent Putman
putmanb at georgetown.edu
Tue Dec 1 23:48:37 UTC 2020
+ users list, for the archives
Glad to help.
On 12/1/20 6:39 PM, Feinstein, Moses wrote:
>
> Yes, that was it
>
> Thank you so much!
>
> **
>
> **
>
> **
>
> *Moses Feinstein*
>
> /Sr. Software / IAM Engineer, App Dev Dept/
>
> *Emaill*: moses.feinstein at touro.edu <mailto:moses.feinstein at touro.edu>
>
> *From:* Brent Putman <putmanb at georgetown.edu>
> *Sent:* Tuesday, December 1, 2020 5:50 PM
> *To:* Shib Users <users at shibboleth.net>; Feinstein, Moses
> <moses.feinstein at touro.edu>
> *Subject:* Re: Reading groups membership in Shibboleth 4.0.1
>
> *External Email*
>
> On 12/1/20 11:29 AM, Feinstein, Moses wrote:
>
> I believe this was replaced with exportAttributes in 4.0.1,
> however I add try to add returnAttribute previously as well, got
> a deprecated warning, but no error, however operational
> attributes did not come in.
>
> exportAttributes="%{idp.attribute.resolver.LDAP.returnAttributes}">
>
> <returneAttribtues> mail displayName sn givenName uid cn
> isMemberOf createTimestamp</returnAttributes>
>
>
> If that's literally what you have in your config, it's not correct
> and wouldn't be expected to work. XML element and attribute names
> are case-sensitive and the element is "<ReturnAttributes>". Also,
> the opening element tag is misspelled with an "e" in there in the
> middle, so that's not even well-formed XML. I'm surprised it would
> even load.
>
> https://wiki.shibboleth.net/confluence/display/IDP4/ReturnAttributes
> <https://urldefense.com/v3/__https:/wiki.shibboleth.net/confluence/display/IDP4/ReturnAttributes__;!!HoV-yHU!_4lbrIQ6u1-pkRL43VqPbhX0khMmGoN4qTF4uMBZbe4hDcsVOlgA_a1py_PxhWelpvgExQ$>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://shibboleth.net/pipermail/users/attachments/20201201/0a27749d/attachment.htm>
More information about the users
mailing list