Versions Compared

Old Version 32

changes.mady.by.user Lukas Hämmerle

Saved on

compared with

New Version 33

changes.mady.by.user Lukas Hämmerle

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

Expand
titleExample Usage

Once the AttributeResolver handler is configured, it can for example be queried (e.g. from localhost) with:
$ curl -k 'https://localhost/Shibboleth.sso/AttributeResolver?format=urn:oasis:names:tc:SAML:2.0:nameid-format:persistent&entityID=https%3A%2F%2Faai-logon.switch.ch%2Fidp%2Fshibboleth&nameId=123456789PfvsH8k4gvHoeq6QtM=MyURLEncodedPersistentID%

This will return a JSON data structure like:
{
    "displayName" : [

        "Lukas Hämmerle"
    ],
    "mail" : [

        "lukas.haemmerle@switchhaemmerle@switch.ch"
    ],
    "schacHomeOrganization" : [

        "switch.ch"
    ],
    "persistent-id" : [

        "https://aai-logon.switch.ch/idp/shibboleth!https://test.eduid.ch/shibboleth!1FmaGeMauPfvsH8k4gvHoeq6QtM="
    ],
    "idp" : [

        "https://aai-logon.switch.ch/idp/shibboleth"
    ]

}

The output is currently limited to JSON, and is either dumped in a structure containing an array field named for each attribute, with each value serialized to its own own array slot, or is encoded in a way that combines multiple values into delimited strings identical to what would appear in server variables or headers. The latter is enabled by setting the encoding parameter to "JSON/CGI".