Custom attribute
IAM David Bantz
dabantz at alaska.edu
Wed Jun 10 18:34:17 UTC 2020
http://oidref.com/2.16.840.1.113730.3.1.3 ?
On Wed, Jun 10, 2020 at 5:11 AM Peter Schober <peter.schober at univie.ac.at>
wrote:
> * Lohr, Donald <lohrda at jmu.edu> [2020-06-10 14:44]:
> > 1) How should this attribute be defined in the attribute-resolver.xml
> file
> > since no standard /*name="urn:oid:*/
> > value for the SAML2String element nor a
> > */name="urn:mace:dir:attribute-def:/* value for the SAML1String element?
>
> You very likely will not need a SAML1 attribute name for that (but
> immaterial, use the same name as for SAML2, if you do need one).
>
> As for attribute naming: If there's no appropriate standard identifier
> for something like that you'd make up your own.
> Since JMU seems to have an OID assigned from IANA:
>
> 10767
> James Madison University
> Scott Dellinger
> dellinsd&jmu.edu
>
> you could use something under that as the formal attribute name, i.e.,
> 1.3.6.1.4.1.10767.whatever.talk.to.Scott.Dellinger
>
> Or you could invent a URL under the jmu.edu domain as a name.
>
> > 2) Or what documentation exists that explains how I should approach this?
>
> If you mean the software configuration then the docs are at
>
> https://wiki.shibboleth.net/confluence/display/IDP30/AttributeResolverConfiguration
> or
>
> https://wiki.shibboleth.net/confluence/display/IDP4/AttributeResolverConfiguration
> depending on your IDP version.
>
> I.e., you define an AttributeDefinition and in that you also tell the
> IDP where the data comes from, i.e, you reference the DataConnector
> that returns this data. If none of the existing DataConnectors
> (e.g. "myLDAP") do that you'll also need to define a DataConnector
> that does.
>
> -peter
> --
> For Consortium Member technical support, see
> https://wiki.shibboleth.net/confluence/x/coFAAg
> To unsubscribe from this list send an email to
> users-unsubscribe at shibboleth.net
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://shibboleth.net/pipermail/users/attachments/20200610/b841ac79/attachment.htm>
More information about the users
mailing list