...
A configuration shortcut allows for the values from any IdPAttribute objects contained inside IdPAttributePrincipal objects to be pulled out, which is an effective way to tunnel attribute data from outside the IdP provided by the External authentication flow.
Reference
Localtabgroup |
localtab-live Expand |
---|
title | Specific XML Attributes |
---|
|
The source of the Subject(s) to evaluate is controlled with: Name | Type | Default | Description |
---|
forCanonicalization | Boolean | false | If true, a Subject undergoing SubjectCanonicalization is used as input rather than the default of looking for authenticated Subjects | .Exactly one of the following must be provided (but not both): Name | Type | Description |
---|
principalAttributeName | String | The name of an IdPAttribute found inside an IdPAttributePrincipal contained in one of the authenticated Subject(s) | attributeValuesFunctionRef | Bean ID | The name of a Spring Bean implementing Function<Principal,List<IdPAttributeValue>>, this function will be invoked for each Principal found within the authenticated Subject(s), instead of relying on default behavior |
localtab-live |
Expand |
---|
title | Common XML Attributes |
---|
|
Include Page |
---|
| AttributeDefinitionCommonAttributes |
---|
| AttributeDefinitionCommonAttributes |
---|
| localtab-live
|
Expand |
---|
|
At least one dependency element is required. Include Page |
---|
| AttributeDefinitionCommonChildElements |
---|
| AttributeDefinitionCommonChildElements |
---|
|
|
...
Code Block |
---|
|
<AttributeDefinition xsi:type="SubjectDerivedAttribute" forCanonicalization="true"
id="SomethingElse" principalAttributeName="Whatever">
|