Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

Code Block
title$IDP_HOME/conf/attribute-resolver.xml
linenumberstrue
...
   <resolver:AttributeDefinition xsi:type="ad:Prescoped" id="eduPersonPrincipalName" sourceAttributeID="eduPersonPrincipalName">
        <resolver:Dependency ref="myLDAP" />
        <resolver:DisplayName xml:lang="fi">Henkilön yksilöivä tunniste</resolver:DisplayName>
        <resolver:DisplayName xml:lang="en">Principal name</resolver:DisplayName>
        <resolver:DisplayName xml:lang="se"></resolver:DisplayName>
        <resolver:DisplayDescription xml:lang="fi">Erottaa henkilön muista käyttäjistä. Muotoa "käyttäjätunnus@domain".</resolver:DisplayDescription>
        <resolver:DisplayDescription xml:lang="en">The "NetID" of the person for the purposes of inter-institutional authentication. Represented in the form "user@scope" where scope defines a local security domain.</resolver:DisplayDescription>
        <resolver:DisplayDescription xml:lang="se"></resolver:DisplayDescription>
        <resolver:AttributeEncoder xsi:type="enc:SAML1ScopedString" name="urn:mace:dir:attribute-def:eduPersonPrincipalName" encodeType="false" />
        <resolver:AttributeEncoder xsi:type="enc:SAML2ScopedString" name="urn:oid:1.3.6.1.4.1.5923.1.1.1.6" friendlyName="eduPersonPrincipalName" encodeType="false" />
    </resolver:AttributeDefinition>
...

Configure attribute filter

In the attribute filter you describe which attributes gets filtered out, This example passes nameidattr for everyone, this is needed for persistentID generation (read section "Configure database storage for consent module and persistentID"). The rest attributes are released if those are requested by SP via metadata.

...