Shibboleth 4.2.x and ADFS/Azure
cantor.2 at osu.edu
Thu Oct 20 15:11:57 UTC 2022
Keith Wessell ideally would post his function for this purpose, I have never done it so I have no example to provide.
The hook for this is an extended plug point on the SAML2.SSO profile configuration bean called authnContextTranslationStrategyEx which is a complex type of Function<ProfileRequestContext,Collection<Principal> that takes the PRC and produces the Principal objects to attach.
I assume that he dug the information out of the AttributeContext created when the assertion was decoded.
If somebody provides an example that works I can ship it in a release for people to plug in.
More information about the users