...
Indicated by type="XML", implements an XML-based rule syntax for designating SAML attributes and name identifiers to decode into internal attributes. The plugin supports extraction of SAML attributes and name identifiers from the following SAML constructs (it does not know how to pull any other data from these elements, only attributes and name identifiers):
<saml:Assertion><saml:Attribute><saml:NameIdentifier><saml2:Assertion><saml2:Attribute><saml2:NameID><saml2:EncryptedAttribute>
...
Indicated by type="Assertion", allows well-defined content from within a SAML assertion to be extracted and passed to an application as an attribute. This supplements older support for extracting a fixed set of information from the assertion and populating well-defined variables/headers (e.g., the Shib-Identity-Provider header and so forth).
| Code Block | ||||||
|---|---|---|---|---|---|---|
| ||||||
<AttributeExtractor type="Assertion"
Issuer="Shib-Identity-Provider"
AuthnInstant="Shib-Authentication-Instant"
AuthnContextClassRef="Shib-AuthnContext-Class"
AuthnContextDeclRef="Shib-AuthnContext-Decl"
SessionIndex="Shib-Session-Index"
/>
|
...