Versions Compared

Old Version 66

changes.mady.by.user Christopher Bongaarts

Saved on

compared with

New Version Current

changes.mady.by.user bieber@unl.edu

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.
Comment: Remove errant space in XML element name

...

First, within each configuration file similar configurable component components all use the same XML element tag name. For example, within the attribute resolver configuration all attribute definitions start with the XML element tag name AttributeDefinition and all data connectors with the tag name DataConnector. A type attribute, xsi:type, is then used to determine the type of the component (e.g. a database, an LDAP data connector). The type also determines the content, or configuration options, of that component.

Second, all data within an attribute object (i.e. it's ID, values, etc.) is case sensitive regardless of what created the object. This may be confusing at first because some data sources treat some, or all, of their information as case insensitive. However, in order to avoid general confusion about when a particular apiece piece of data is case sensitive or not, the simple rule of "all information is case sensitive" is followed.

...

There are two rounds of transformation each attribute will undergo as it passes through the IdP. The first set of changes allow the IdP to transforms transform attributes (merge, split, reformat, etc.) using other attributes to get a complete data definition. The second set of changes transform the attribute from the internal representation to one appropriate for the protocol the IdP will be communicating with, a process known as attribute encoding.

...

Code Block
xml
xml
titleExample attribute encoder for a defined attribute definition
<resolver: AttributeDefinition xsi:type="ad:Simple" id="uid" sourceAttributeID="NETID">

    <resolver:AttributeEncoder xsi:type="enc:SAML2String"
                               name="urn:oid:1.3.6.1.4.1.5923.1.1.1.6"
                               friendlyName="eduPersonPrincipalName" />

    <resolver:Dependency ref="MyDatabase" />

</resolver:AttributeDefinition>

<resolver:DataConnector xsi:type="RelationalDatabase" xmlns="urn:mace:shibboleth:2.0:resolver:dc"
                        id="MyDatabase"
                        validationQuery="SELECT 1;">

    <ApplicationManagedConnection jdbcDriver="org.hsqldb.jdbcDriver"
                                  jdbcURL="jdbc:hsqldb:res:/data/database/shibdb"
                                  jdbcUserName="sa" />

    <QueryTemplate>
        <![CDATA[
            SELECT * FROM PEOPLE WHERE netid='${principal}'
        ]]>
    </QueryTemplate>

</resolver:DataConnector>

...