LDAP DN parameter in attribute-resolver.xml IDPv4 file
Cantor, Scott
cantor.2 at osu.edu
Fri Nov 12 17:26:23 UTC 2021
On 11/12/21, 12:13 PM, "users on behalf of Tommaso Gallo" <users-bounces at shibboleth.net on behalf of Tommaso.GALLO at unicampania.it> wrote:
> Is it possible to have a script example?
Not done by me, no, because I would have to do the actual work, i.e., that's dedicated support. See list footer.
All I can say is that the most direct way to do it would be to leverage the SubjectDerivedAttribute attribute definition type in the resolver and plugin an alternate function into the attributeValuesFunctionRef slot. That function gets run for every Principal in the Subject, allowing it to type-test for the LdapPrincipal type and get the necessary result from there.
-- Scott
More information about the users
mailing list