...
Code Block |
---|
./resolvertest -n _9f2d9fd62aa99cc43bf483045aeac123 -i https://aai-logon.switch.ch/idp/shibboleth -saml2 -f urn:oasis:names:tc:SAML:2.0:nameid-format:persistent
|
The result of the processing will be to run the attribute extraction, filtering, and resolution subsystems against the input information. Support for queries comes from the use of the default resolution plugin. The output of the above command then could look like this:
Code Block |
---|
./resolvertest -saml2 -f urn:oasis:names:tc:SAML:2.0:nameid-format:persistent \ -i https://aai-logon.switch.ch/idp/shibboleth -n FQdaogdLEj0iZZTIfdS3svc52WE= uid: haemmerle affiliation: staff surname: Hämmerle givenName: Lukas homeOrganization: switch.ch uniqueID: 123456abcde@switch.ch homeOrganizationType: others gender: 1 persistent-id: https://aai-idp.switch.ch/idp/shibboleth!https://dieng.switch.ch/shibboleth!FQdaogdLEj0iZZTIfdS3svc52WE= mail: lukas.haemmerle@switch.ch |
Note | |||||||
---|---|---|---|---|---|---|---|
In order to make attribute request to an Attribute Autority using a persistent Identifier, the Shibboleth Identity Provider needs to configure a PrincipalConnector for the persistent Name Identifier format in the attribute-resolver.xml configuration:
Be sure to set the DataConnectorRef with the correct ID of a targetedID connector (e.g. "dc:ComputedId") |