Attribute Encoders, Attribute Definitions and Data Connectors can be supplemented with an externally-defined activation condition. This is done via the attribute activationConditionRef.
For example, given this attribute definition:
| Code Block | ||||
|---|---|---|---|---|
| ||||
<AttributeDefinition xsi:type="Simple" xmlns="urn:mace:shibboleth:2.0:resolver" id="EPA1"
sourceAttributeID="staticEpA" activationConditionRef="ExampleOrgPredicate">
<Dependency ref="staticAttributes" />
</AttributeDefinition> |
The attribute would only be resolved if the condition entitled ExampleOrgPredicate evaluated true.
Conditions might be specified thus:
| Code Block | ||||
|---|---|---|---|---|
| ||||
<?xml version="1.0" encoding="UTF-8"?>
<beans xmlns="http://www.springframework.org/schema/beans"
xmlns:util="http://www.springframework.org/schema/util"
xmlns:p="http://www.springframework.org/schema/p"
xmlns:c="http://www.springframework.org/schema/c"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans.xsd
http://www.springframework.org/schema/context http://www.springframework.org/schema/context/spring-context.xsd
http://www.springframework.org/schema/util http://www.springframework.org/schema/util/spring-util.xsd">
<bean id="ExampleOrgPredicate" parent="shibboleth.Conditions.RelyingPartyId" c:_0="https://sp.example.org"/>
</beans> |
This bean file must be supplied to the attribute resolver's resource list in the services.xml file:
| Code Block | ||||
|---|---|---|---|---|
| ||||
<util:list id ="shibboleth.AttributeResolverResources">
<value>${idp.home}/conf/attribute-resolver.xml</value>
<value>${idp.home}/conf/THE_NEW_FILE.xml</value>
</util:list> |