<html dir="ltr">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=Windows-1252">
<style>
<!--
@font-face
        {font-family:Calibri}
@font-face
        {font-family:Consolas}
p.MsoNormal, li.MsoNormal, div.MsoNormal
        {margin:0cm;
        margin-bottom:.0001pt;
        font-size:11.0pt;
        font-family:"Calibri","sans-serif"}
a:link, span.MsoHyperlink
        {color:blue;
        text-decoration:underline}
a:visited, span.MsoHyperlinkFollowed
        {color:purple;
        text-decoration:underline}
p.MsoPlainText, li.MsoPlainText, div.MsoPlainText
        {margin:0cm;
        margin-bottom:.0001pt;
        font-size:10.5pt;
        font-family:Consolas;
        color:black}
span.EmailStyle17
        {font-family:"Calibri","sans-serif";
        color:windowtext}
span.PlainTextChar
        {font-family:Consolas;
        color:black}
.MsoChpDefault
        {font-family:"Calibri","sans-serif"}
@page WordSection1
        {margin:72.0pt 72.0pt 72.0pt 72.0pt}
-->
</style><style type="text/css" id="owaParaStyle"></style>
</head>
<body lang="EN-GB" link="blue" vlink="purple" fpstyle="1" ocsi="0">
<div style="direction: ltr;font-family: Tahoma;color: #000000;font-size: 10pt;">Hi,
<div><br>
</div>
<div>The instructions in their email got a bit mangled/confused somewhere - they don't make sense. </div>
<div><br>
</div>
<div>I emailed them about this yesterday and got a reply saying that releasing eduPersonTargetedID as normal should work fine. I don't think we'll need to make any changes. Probably a good idea to keep an eye on things after they switch to the new configuration
though...</div>
<div><br>
</div>
<div>Pete<br>
<div>
<div style="font-family:Tahoma; font-size:13px"><br>
-- <br>
Peter Birkinshaw <br>
Senior Directory and Registration Administrator<br>
IT Services Division | +44 (0)161 306 3118<br>
The University of Manchester | PGP: 0xB7B0B433<br>
<br>
</div>
</div>
<div style="font-family: Times New Roman; color: #000000; font-size: 16px">
<hr tabindex="-1">
<div id="divRpF171534" style="direction: ltr; "><font face="Tahoma" size="2" color="#000000"><b>From:</b> users-bounces@shibboleth.net [users-bounces@shibboleth.net] on behalf of Morris, Andi [amorris@uwic.ac.uk]<br>
<b>Sent:</b> 30 September 2011 16:53<br>
<b>To:</b> users@shibboleth.net<br>
<b>Subject:</b> New attribute filter help<br>
</font><br>
</div>
<div></div>
<div>
<div class="WordSection1">
<p class="MsoNormal" style="text-autospace:none"><span style="font-size:9.0pt; font-family:"Courier New"; color:black">Hi all,</span></p>
<p class="MsoNormal" style="text-autospace:none"><span style="font-size:9.0pt; font-family:"Courier New"; color:black">I’ve just been asked to release some new attributes for a service that our library uses. The information is in the text below.</span></p>
<p class="MsoNormal" style="margin-top:12.0pt"><b><span style="font-size:10.0pt; font-family:"Arial","sans-serif"; color:black">For Shibboleth users, we are expecting to receive the following attributes</span></b><span style="font-size:10.0pt; font-family:"Arial","sans-serif"; color:black">:<br>
> An attribute with a name that matches the regular expression (ignoring case) ".*OASCOPED.URN.MACE.DIR_ATTRIBUTE.DEF.EDUPERSONTARGETEDID.*". The value should be some sort if ID representing the logged in user followed by =@"idpdomain"</span><span style="color:black"></span></p>
<p class="MsoPlainText"><span style="font-size:10.0pt; font-family:"Arial","sans-serif"">So an example would be [OA.OASCOPED.URN.MACE.DIR.ATTRIBUTE.DEF.EDUPERSONTARGETEDID] =>
<a href="mailto:wduOx72J9wJAQz7sEZowoBLKpio=@typekey.sdss.ac.uk" target="_blank">
<span style="color:black">wduOx72J9wJAQz7sEZowoBLKpio=@typekey.sdss.ac.uk</span></a></span></p>
<p class="MsoPlainText"> </p>
<p class="MsoPlainText"> <span style="font-size:10.0pt; font-family:"Arial","sans-serif"">
> An attribute with a name that matches the regular expression".*IDP.ENTITY.*". The value should be the EntityID of the Identity provider.
<br>
An example would be [OA_IDP_ENTITY] => <a href="https://typekey.sdss.ac.uk/shibboleth" target="_blank">
<span style="color:black">https://typekey.sdss.ac.uk/shibboleth</span></a></span></p>
<p class="MsoPlainText"><span style="font-size:10.0pt; font-family:"Arial","sans-serif""> </span></p>
<p class="MsoPlainText"><span style="font-size:10.0pt; font-family:"Arial","sans-serif""> </span></p>
<p class="MsoPlainText"><span style="font-size:10.0pt; font-family:"Arial","sans-serif"">Now, we already release the EDUPERSONTARGETEDID, but not with that expression. Ours is:</span></p>
<p class="MsoPlainText"> <resolver:AttributeDefinition xsi:type="ad:SAML2NameID" id="eduPersonTargetedID"
</p>
<p class="MsoPlainText"> nameIdFormat="urn:oasis:names:tc:SAML:2.0:nameid-format:persistent" sourceAttributeID="computedID"></p>
<p class="MsoPlainText"> <resolver:Dependency ref="computedID" /></p>
<p class="MsoPlainText"> <resolver:AttributeEncoder xsi:type="enc:SAML1XMLObject" name="urn:oid:1.3.6.1.4.1.5923.1.1.1.10" /></p>
<p class="MsoPlainText"> <resolver:AttributeEncoder xsi:type="enc:SAML2XMLObject" name="urn:oid:1.3.6.1.4.1.5923.1.1.1.10" friendlyName="eduPersonTargetedID" /></p>
<p class="MsoPlainText"> </resolver:AttributeDefinition></p>
<p class="MsoPlainText"> </p>
<p class="MsoPlainText">Will that work?</p>
<p class="MsoPlainText"> </p>
<p class="MsoPlainText">Also, is there a way I can release the EntityID as an attribute?</p>
<p class="MsoPlainText"> </p>
<p class="MsoPlainText">I’m quite new to all this, and have read the attribute section of the documentation, but it’s not quite all sunk in yet. Any help would be appreciated.</p>
<p class="MsoPlainText"> </p>
<p class="MsoPlainText">Cheers,</p>
<p class="MsoPlainText">Andi</p>
</div>
</div>
</div>
</div>
</div>
</body>
</html>