issue in releasing attributes

Aisha Al Fudhaili aisha at omren.om
Tue Jun 22 10:26:13 UTC 2021 

Hi,

Can any one help me on this. Im using shibboleth idp 3.4 in windows server

Log file:

- DEBUG [net.shibboleth.idp.attribute.resolver.AbstractAttributeDefinition:282] - Attribute Definition 'eduPersonScopedAffiliation': produced an attribute with the following values [ScopedStringAttributeValue{value=member, scope=idp.omren.om}]
2021-06-22 14:15:18,331 - 185.186.207.49 - DEBUG [net.shibboleth.idp.attribute.resolver.impl.AttributeResolverImpl:339] - Attribute Resolver 'ShibbolethAttributeResolver': Attribute definition 'eduPersonScopedAffiliation' produced an attribute with 1 values
2021-06-22 14:15:18,331 - 185.186.207.49 - DEBUG [net.shibboleth.idp.attribute.resolver.impl.AttributeResolverImpl:262] - Attribute Resolver 'ShibbolethAttributeResolver': Finalizing resolved attributes
2021-06-22 14:15:18,331 - 185.186.207.49 - DEBUG [net.shibboleth.idp.attribute.resolver.impl.AttributeResolverImpl:501] - Attribute Resolver 'ShibbolethAttributeResolver': De-duping (and null filtering) attribute definition uid result
2021-06-22 14:15:18,331 - 185.186.207.49 - DEBUG [net.shibboleth.idp.attribute.resolver.impl.AttributeResolverImpl:533] - Attribute Resolver 'ShibbolethAttributeResolver': Attribute 'uid' has 1 values after post-processing
2021-06-22 14:15:18,331 - 185.186.207.49 - DEBUG [net.shibboleth.idp.attribute.resolver.impl.AttributeResolverImpl:501] - Attribute Resolver 'ShibbolethAttributeResolver': De-duping (and null filtering) attribute definition mail result
2021-06-22 14:15:18,331 - 185.186.207.49 - DEBUG [net.shibboleth.idp.attribute.resolver.impl.AttributeResolverImpl:533] - Attribute Resolver 'ShibbolethAttributeResolver': Attribute 'mail' has 1 values after post-processing
2021-06-22 14:15:18,331 - 185.186.207.49 - DEBUG [net.shibboleth.idp.attribute.resolver.impl.AttributeResolverImpl:501] - Attribute Resolver 'ShibbolethAttributeResolver': De-duping (and null filtering) attribute definition eduPersonScopedAffiliation result
2021-06-22 14:15:18,331 - 185.186.207.49 - DEBUG [net.shibboleth.idp.attribute.resolver.impl.AttributeResolverImpl:533] - Attribute Resolver 'ShibbolethAttributeResolver': Attribute 'eduPersonScopedAffiliation' has 1 values after post-processing
2021-06-22 14:15:18,331 - 185.186.207.49 - DEBUG [net.shibboleth.idp.attribute.resolver.impl.AttributeResolverImpl:501] - Attribute Resolver 'ShibbolethAttributeResolver': De-duping (and null filtering) attribute definition eduPersonPrincipalName result
2021-06-22 14:15:18,331 - 185.186.207.49 - DEBUG [net.shibboleth.idp.attribute.resolver.impl.AttributeResolverImpl:533] - Attribute Resolver 'ShibbolethAttributeResolver': Attribute 'eduPersonPrincipalName' has 1 values after post-processing
2021-06-22 14:15:18,331 - 185.186.207.49 - DEBUG [net.shibboleth.idp.attribute.resolver.impl.AttributeResolverImpl:267] - Attribute Resolver 'ShibbolethAttributeResolver': Final resolved attribute collection: [uid, eduPersonScopedAffiliation, mail, eduPersonPrincipalName]
2021-06-22 14:15:18,346 - 185.186.207.49 - ERROR [net.shibboleth.idp.profile.impl.FilterAttributes:362] - Profile Action FilterAttributes: Error encountered while filtering attributes : Invalid Attribute Filter configuration
2021-06-22 14:15:18,346 - 185.186.207.49 - WARN [net.shibboleth.idp.profile.impl.FilterAttributes:365] - Filter error masked, clearing resolved attributes


attribute-filter.xml
  <AttributeFilterPolicy id="mirsal">
        <PolicyRequirementRule xsi:type="Requester" value="https://mirsal.omren.om" />
<PolicyRequirementRule xsi:type="ANY" />


           <AttributeRule attributeID="eduPersonPrincipalName">
                      <PermitValueRule xsi:type="EntityAttributeExactMatch"
                          attributeName="http://shibboleth.net/ns/attributes/releaseAllValues"
                          attributeNameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri"
                          attributeValue="eduPersonPrincipalName" />
                  </AttributeRule>

                  <AttributeRule attributeID="mail">
                      <PermitValueRule xsi:type="EntityAttributeExactMatch"
                          attributeName="http://shibboleth.net/ns/attributes/releaseAllValues"
                          attributeNameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri"
                          attributeValue="mail" />
                  </AttributeRule>
        <AttributeRule attributeID="uid" permitAny="true" />
    </AttributeFilterPolicy>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://shibboleth.net/pipermail/users/attachments/20210622/eb285daa/attachment.htm>

More information about the users mailing list