Attribute Resolver Architecture
The IdP's Attribute Resolver performs three main tasks: pulling in data from external systems (e.g., LDAP directories and relational databases), creating attributes from the pulled in data, and associating protocol-specific encoders with the created attributes.
...
- Create an AttributeResolutionContext and populate it with appropriate parameters:
- The canonical Prinicipal name
- The entityID of the IdP and the SP
- Optional ID of an authentication flow used
- Additionally the precise names of the attributes resolved can also be set.
- Locate an Attribute Resolver. This would usually be done via a ReloadableSpringService. See Configuration, Resources and ReloadReloadableConfiguration.
- Call the resolver. After resolution, the result can be extracted via the getResolvedIdPAttributes() method and will usually be inserted into an AttributeContext.
- If using a ReloadableSpringService. do not forget to call unpinComponent.
...