...
Code Block | ||||||
---|---|---|---|---|---|---|
| ||||||
<!-- A list of attributes to resolve for normalizing the subject. For example, you might intend to lookup a name in a directory based on what the user entered. You can make this an empty list if you just want to resolve everything you normally would. --> <util:list id="shibboleth.c14n.attribute.AttributesToResolve"> <value>uid</value> </util:list> <!-- A list of attributes to search for a value to produce as the normalized subject name. This will normally be something you resolve above. --> <util:list id="shibboleth.c14n.attribute.AttributeSourceIds"> <value>uid</value> </util:list> <bean id="shibboleth.c14n.attribute.PrincipalNameLookupStrategy" class="net.shibboleth.idp.profile.context.navigate.ScriptedContextLookupFunction" factory-method="inlineScript"> <constructor-arg> <value> <![CDATA[ var principalName = null; var subject = profileContext.getSubcontext("net.shibboleth.idp.authn.context.SubjectCanonicalizationContext").getSubject(); var princs = subject.getPrincipals(Java.type("net.shibboleth.idp.authn.principal.UsernamePrincipal")); if (princs.size() == 1) { principalName = princs.iterator().next().getName(); } principalName; ]]> </value> </constructor-arg> </bean> |
Code Block | ||||||
---|---|---|---|---|---|---|
| ||||||
<resolver:AttributeDefinition xsi:type="ad:Simple" id="uid" sourceAttributeID="uid"> <resolver:Dependency ref="myLDAP" /> <resolver:AttributeEncoder xsi:type="enc:SAML1String" name="urn:mace:dir:attribute-def:uid" /> <resolver:AttributeEncoder xsi:type="enc:SAML2String" name="urn:oid:0.9.2342.19200300.100.1.1" friendlyName="uid" /> </resolver:AttributeDefinition> .... <!-- Example LDAP Connector --> <resolver:DataConnector id="myLDAP" xsi:type="dc:LDAPDirectory" ldapURL="ldap://localhost:10389" baseDN="ou=People,dc=example,dc=edu" principal="cn=admin,dc=example,dc=edu" principalCredential="password"> <resolver:Dependency ref="searchUsername" /> <dc:FilterTemplate> <![CDATA[ (|(uid=$resolutionContext.principal)(mail=$resolutionContext.principal)) ]]> </dc:FilterTemplate> <dc:ReturnAttributes>uid</dc:ReturnAttributes> </resolver:DataConnector> |
...