Release attributes

IAM David Bantz dabantz at alaska.edu
Wed Jun 10 03:57:15 UTC 2020 

attributes presumably defined in your attribute-resolver.xml for example:

eduPersonPrincipalName   urn:oid:1.3.6.1.4.1.5923.1.1.1.6

mail  urn:oid:0.9.2342.19200300.100.1.3

sample attribute release policy in attribute-filter.xml

<AttributeFilterPolicy id="releaseToEDUCAUSE">
    <PolicyRequirementRule xsi:type="OR">
        <Rule xsi:type="Requester" value="
https://www.educause.edu/shibboleth-sp" />
        <Rule xsi:type="Requester" value="https://sso.educause.edu/sp" />
    </PolicyRequirementRule>
    <AttributeRule attributeID="eduPersonPrincipalName">
        <PermitValueRule xsi:type="ANY" />
    </AttributeRule>
    <AttributeRule attributeID="surname">
        <PermitValueRule xsi:type="ANY" />
    </AttributeRule>
    <AttributeRule attributeID="givenName">
        <PermitValueRule xsi:type="ANY" />
    </AttributeRule>
    <AttributeRule attributeID="mail">
        <PermitValueRule xsi:type="ANY" />
    </AttributeRule>
    <AttributeRule attributeID="eduPersonScopedAffiliation">
        <PermitValueRule xsi:type="ANY" />
    </AttributeRule>
</AttributeFilterPolicy>

On Tue, Jun 9, 2020 at 7:05 PM Jerry Bailie <jebailie at vassar.edu> wrote:

> Ok, thanks !
>
> This would be done in the attribute-filter.xml file ?
>
> If so, there's several examples in there that may be a bit complicated.
> Could you provide an example of the release of those 2 attributes?
>
> - Jerry
>
> On Tue, Jun 9, 2020 at 10:18 PM Cantor, Scott <cantor.2 at osu.edu> wrote:
>
>> >    I see these values in the eduPerson.xml and inetOrgPerson.xml files
>> but how do they get "released" ?
>>
>> Same as always (or I guess not if you're new to Shibboleth), attribute
>> filtering.
>>
>> -- Scott
>>
>>
>> --
>> For Consortium Member technical support, see
>> https://wiki.shibboleth.net/confluence/x/coFAAg
>> To unsubscribe from this list send an email to
>> users-unsubscribe at shibboleth.net
>>
> --
> For Consortium Member technical support, see
> https://wiki.shibboleth.net/confluence/x/coFAAg
> To unsubscribe from this list send an email to
> users-unsubscribe at shibboleth.net
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://shibboleth.net/pipermail/users/attachments/20200609/9c322880/attachment.htm>

More information about the users mailing list