TransformAttributeResolver adds instead of replacing values

[Peter Schober]

* Peter Schober <peter.schober at univie.ac.at> [2021-09-07 14:59]:
> > If not possible, is there any way one could convert multivalue
> > attribute to single value to fix this?
> 
> How should the software know which value you'd like to keep?

The only way I can think that doesn't rely on any code of your own
would be using the SP's REMOTE_USER precedence list feature.

I.e., if you're NOT already using that for something else you could
first transform schacPersonalUniqueID to the desired format (in-place
or with a new 'dest' attribute different from
nationalIdentificationNumber) and then let the software pick the first
non-empty value out of a list given in your preferred order:

REMOTE_USER="NINfromSPUID nationalIdentificationNumber"

<AttributeResolver type="Transform" source="schacPersonalUniqueID">
  <Regex match="^.*:(.+)$" dest="NINfromSPUID">$1</Regex>
</AttributeResolver>

That way the NIN part from schacPersonalUniqueID would be picked as
value of REMOTE_USER (if it was available and matched the regex),
otherwise the value of nationalIdentificationNumber would end up being
chosen (if available). If neither was available REMOTE_USER would be
empty (unless you added another attribute id to that list that's
available).

Maybe submit a feature request for the Transform resolver to be
replacing values.

-peter