config memberOf in idpv4
leosimon
leosimon at digital-nirvana.com
Fri May 8 19:11:36 UTC 2020
Don,
That is a great suggestion and I just got it to work.
attribute-resolve.xml
<DataConnector id="myLDAP" xsi:type="LDAPDirectory"
ldapURL="%{idp.attribute.resolver.LDAP.ldapURL}"
baseDN="%{idp.attribute.resolver.LDAP.baseDN}"
principal="%{idp.attribute.resolver.LDAP.bindDN}"
principalCredential="%{idp.attribute.resolver.LDAP.bindDNCredential}"
exportAttributes="mail givenName uid gidNumber uidNumber">
<FilterTemplate>
</FilterTemplate>
<ReturnAttributes>* +</ReturnAttributes>
</DataConnector>
I have made the ReturnAttributes return all the operational attribute and
got it working
2020-05-08 14:56:08,834 - 10.1.1.2 - DEBUG
[net.shibboleth.idp.saml.attribute.transcoding.SAMLEncoderSupport:74] -
Encoding value cn=group3,ou=groups,dc=example,dc=com of attribute memberOf
2020-05-08 14:56:08,834 - 10.1.1.2 - DEBUG
[net.shibboleth.idp.saml.attribute.transcoding.SAMLEncoderSupport:74] -
Encoding value cn=group1,ou=groups,dc=example,dc=com of attribute memberOf
2020-05-08 14:56:08,835 - 10.1.1.2 - DEBUG
[net.shibboleth.idp.saml.attribute.transcoding.SAMLEncoderSupport:74] -
Encoding value cn=group2,ou=groups,dc=example,dc=com of attribute memberOf
Right now, the memberOf value exports as the whole like,
cn=group2,ou=groups,dc=example,dc=com
How can I make the filter to convert this value as just
cn=group1,cn=group2,cn=group3
Any suggestion on this?
--
Sent from: https://shibboleth.1660669.n2.nabble.com/Shibboleth-Users-f1660767.html
More information about the users
mailing list