Shibboleth/apache/O365 Azure/Reverse Proxy

ptedesco ptedesco at ims.consulting
Tue May 12 23:57:13 UTC 2020 

Ok, I think I am more confused now.
If anyone can tell me what I need to change it would be greatly appreciated
my Attribute map is 

<Attributes xmlns="urn:mace:shibboleth:2.0:attribute-map"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">

    
    <Attribute name="urn:oasis:names:tc:SAML:2.0:nameid-format:persistent"
id="persistent-id">
        <AttributeDecoder xsi:type="NameIDAttributeDecoder"
formatter="$NameQualifier!$SPNameQualifier!$Name" defaultQualifiers="true"/>
    </Attribute>
    <Attribute name="emailAddress"
nameFormat="urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress"
id="emailAddress">
        <AttributeDecoder xsi:type="NameIDAttributeDecoder"
formatter="$Name" defaultQualifiers="true" />
    </Attribute>
     <Attribute name="mail"
nameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:unspecified"
id="mail">
        <AttributeDecoder xsi:type="NameIDAttributeDecoder"
formatter="$Name" defaultQualifiers="true" />
     </Attribute>

    <Attribute name="urn:mace:dir:attribute-def:mail" id="SHIB_MAIL"/>
    <Attribute name="urn:oid:0.9.2342.19200300.100.1.3" id="SHIB_MAIL"/>
    <Attribute name="urn:oid:0.9.2342.19200300.100.1.1" id="uid"/>
    <Attribute name="urn:mace:dir:attribute-def:uid" id="uid"/>
    <Attribute name="urn:oid:0.9.2342.19200300.100.1.3" id="mail"/>
    <Attribute name="urn:mace:dir:attribute-def:mail" id="mail"/>
    <Attribute name="urn:mace:dir:attribute-def:samaccountname"
id="samaccountname" />
    <Attribute name="urn:oid:1.2.840.113556.1.4.221" id="samaccountname" />


</Attributes>

and my Attribute-policy file is 

<AttributeFilterPolicyGroup
    xmlns="urn:mace:shibboleth:2.0:afp"
    xmlns:saml="urn:mace:shibboleth:2.0:afp:mf:saml"
    xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">

    
    
     <AttributeFilterPolicy>
        
        <PolicyRequirementRule xsi:type="ANY"/>


        
        
        
        <AttributeRule attributeID="*" permitAny="true"/>
    </AttributeFilterPolicy>

</AttributeFilterPolicyGroup>





--
Sent from: https://shibboleth.1660669.n2.nabble.com/Shibboleth-Users-f1660767.html

More information about the users mailing list