Versions Compared

Old Version 8

changes.mady.by.user Scott Cantor

Saved on

compared with

New Version 9

changes.mady.by.user Lukas Hämmerle

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

Code Block
./resolvertest -n _9f2d9fd62aa99cc43bf483045aeac123  -i https://aai-logon.switch.ch/idp/shibboleth -saml2 -f urn:oasis:names:tc:SAML:2.0:nameid-format:persistent

The result of the processing will be to run the attribute extraction, filtering, and resolution subsystems against the input information. Support for queries comes from the use of the default resolution plugin. The output of the above command then could look like this:

Code Block
./resolvertest -saml2 -f urn:oasis:names:tc:SAML:2.0:nameid-format:persistent \
-i https://aai-logon.switch.ch/idp/shibboleth -n FQdaogdLEj0iZZTIfdS3svc52WE= 
uid: haemmerle
affiliation: staff
surname: Hämmerle
givenName: Lukas
homeOrganization: switch.ch
uniqueID: 123456abcde@switch.ch
homeOrganizationType: others
gender: 1
persistent-id: https://aai-idp.switch.ch/idp/shibboleth!https://dieng.switch.ch/shibboleth!FQdaogdLEj0iZZTIfdS3svc52WE=
mail: lukas.haemmerle@switch.ch
Note

In order to make attribute request to an Attribute Autority using a persistent Identifier, the Shibboleth Identity Provider needs to configure a PrincipalConnector for the persistent Name Identifier format in the attribute-resolver.xml configuration:

Code Block
xml
xml
     <resolver:PrincipalConnector xsi:type="pc:StoredId" id="saml2Persistent"
        nameIDFormat="urn:oasis:names:tc:SAML:2.0:nameid-format:persistent" 
        storedIdDataConnectorRef="myStoredId" />