...
Code Block | ||||
---|---|---|---|---|
| ||||
... <resolver:AttributeDefinition xsi:type="ad:Prescoped" id="eduPersonPrincipalName" sourceAttributeID="eduPersonPrincipalName"> <resolver:Dependency ref="myLDAP" /> <resolver:DisplayName xml:lang="fi">Henkilön yksilöivä tunniste</resolver:DisplayName> <resolver:DisplayName xml:lang="en">Principal name</resolver:DisplayName> <resolver:DisplayName xml:lang="se"></resolver:DisplayName> <resolver:DisplayDescription xml:lang="fi">Erottaa henkilön muista käyttäjistä. Muotoa "käyttäjätunnus@domain".</resolver:DisplayDescription> <resolver:DisplayDescription xml:lang="en">The "NetID" of the person for the purposes of inter-institutional authentication. Represented in the form "user@scope" where scope defines a local security domain.</resolver:DisplayDescription> <resolver:DisplayDescription xml:lang="se"></resolver:DisplayDescription> <resolver:AttributeEncoder xsi:type="enc:SAML1ScopedString" name="urn:mace:dir:attribute-def:eduPersonPrincipalName" encodeType="false" /> <resolver:AttributeEncoder xsi:type="enc:SAML2ScopedString" name="urn:oid:1.3.6.1.4.1.5923.1.1.1.6" friendlyName="eduPersonPrincipalName" encodeType="false" /> </resolver:AttributeDefinition> ... |
Configure attribute filter
In the attribute filter you describe which attributes gets filtered out, This example passes nameidattr for everyone, this is needed for persistentID generation (read section "Configure database storage for consent module and persistentID"). The rest attributes are released if those are requested by SP via metadata.
...