Cunfigure eduPersonTargetedID shibboleth Idp windows 3.4

Peter Schober peter.schober at univie.ac.at
Wed Sep 22 13:13:15 UTC 2021


* Aisha Al Fudhaili <aisha at omren.om> [2021-09-22 13:40]:
> I made the changes but still I got errors. I'm not fully understand
> how to configure data connector.  Could you please show me example.

> <AttributeDefinition xsi:type="Scoped" id="samlPairwiseID" scope="%{idp.scope}">
>         <InputDataConnector ref="computed" attributeNames="computedId"/>
>         <AttributeEncoder xsi:type="SAML2ScopedString" name="urn:oasis:names:tc:SAML:attribute:pairwise-id" friendlyName="pairwise-id" encodeType="false" />
>     </AttributeDefinition>

That looks fine for an IDPv3.

> <DataConnector id="computed" xsi:type="ComputedId"
>         generatedAttributeID="computedId"
>         salt="%{idp.persistentId.salt}"
>         algorithm="%{idp.persistentId.algorithm:SHA}"
>         encoding="%{idp.persistentId.encoding:BASE32}">
>          
>         <InputDataConnector ref="myLDAP" attributeNames="%{idp.persistentId.sourceAttribute}" />
>          
>     </DataConnector>

We need some more info from your conf/saml-nameid.properties:

And what is the proerty idp.persistentId.sourceAttribute set to?
(And does the attribute exist in your LDAP directory?)

And did you set a (secret, so DO NOT POST IT HERE!) value for the
idp.persistentId.salt property? Just make sure this has some value
(and not the "changethistosomethingrandom" one).

Best,
-peter


More information about the users mailing list