...
There are two rounds of transformation each attribute will undergo as it passes through the IdP. The first set of changes allow the IdP to transforms transform attributes (merge, split, reformat, etc.) using other attributes to get a complete data definition. The second set of changes transform the attribute from the internal representation to one appropriate for the protocol the IdP will be communicating with, a process known as attribute encoding.
...
| Code Block | ||||||
|---|---|---|---|---|---|---|
| ||||||
<resolver: AttributeDefinition xsi:type="ad:Simple" id="uid" sourceAttributeID="NETID">
<resolver:AttributeEncoder xsi:type="enc:SAML2String"
name="urn:oid:1.3.6.1.4.1.5923.1.1.1.6"
friendlyName="eduPersonPrincipalName" />
<resolver:Dependency ref="MyDatabase" />
</resolver:AttributeDefinition>
<resolver:DataConnector xsi:type="RelationalDatabase" xmlns="urn:mace:shibboleth:2.0:resolver:dc"
id="MyDatabase"
validationQuery="SELECT 1;">
<ApplicationManagedConnection jdbcDriver="org.hsqldb.jdbcDriver"
jdbcURL="jdbc:hsqldb:res:/data/database/shibdb"
jdbcUserName="sa" />
<QueryTemplate>
<![CDATA[
SELECT * FROM PEOPLE WHERE netid='${principal}'
]]>
</QueryTemplate>
</resolver:DataConnector>
|
...