Question on Shibboleth V3 (3.4.7.1) Migration from older Shibboleth?
Peter Schober
peter.schober at univie.ac.at
Fri Nov 13 17:28:40 UTC 2020
Is there a relation between the Subject line of your post and the
content of your post? Something about upgrading a Shibboleth IDP?
Possibly to version 4?
More comments/questions below.
* s chang via users <users at shibboleth.net> [2020-11-13 18:13]:
> We are trying to deploy Shibboleth V3 (3.4.7.1) with ADFS 3.0.
Do you mean you're trying to use ADFS as a SAML 2.0 SP with your
Shibboleth v3 IDP?
> Set up "Edit claim rules for Claim provider trust" failed.
Should that mean anything to us? That's not something from the
Shibboleth documentation, is it?
> On Custom Rule, we tried below rule. But OID and name seems outdated
Outdated how?
How did you come to the conclusion that an OID or name was "outdated"?
> Does anyone know what is the latest Shibboleth’s OID to map to
> ADFS’s claim type “Name” and “UPN” below?
> c:[Type == "urn:oid:1.3.6.1.4.1.5923.1.1.1.6", Value=~
> "^.+ at adatum.com$"]=> issue(Type =
> "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name",Issuer
> = c.Issuer, OriginalIssuer = c.OriginalIssuer, Value =
> c.Value,ValueType = c.ValueType);
I don't understand the question. Shibboleth has no OIDs of its own,
the software can be configured to use whatever formal attribute names
you want to use/support.
I don't speak "ADSF claims" myself so I cannot tell what the above
does or means or how that's related to the eduPersonPrincipalName
attribute (defined in the eduPerson-specification) whose OID you have
included above.
Best regards,
-peter
More information about the users
mailing list