...

Note

This data connector was historically used both to produce the "eduPersonTargetedID" SAML Attribute and to generate SAML 2.0 "persistent" NameID values. The original Attribute use case is essentially deprecated because SAML 1 itself is a legacy standard and because the use of the Attribute in SAML 2 is both redundant and overly complex. The NameID use case has been replaced by an equivalent NameID "generator" (see the NameIDGenerationConfiguration topic).

The connector remains supported for use with the new SAML SubjectID specification's "pairwise-id" replacement for all these legacy approaches.

That said, we strongly suggest considering use of the ComputedId DataConnector, which is much less troublesome. When you inevitably find that the database approach lacks reliability, there won't be a lot you can do about it if you have services relying on the values. Start with the hashing approach and only then really consider whether you need anything else.

...

Specific XML Attributes

| Name | Type | Default | Description |
|---|---|---|---|
| generatedAttributeID | string | ID of the connector | ID of the IdPAttribute generated |
| salt OR encodedSalt | string | | A salt, of at least 16 bytes, used in the computation. It must be provided either directly or in base64-encoded form, but one must be set. The encoded option allows for binary characters, whitespace, or other difficult-to-capture content in the salt. |
| encoding | string | BASE64 | Controls the eventual text encoding of the value; this should be set to "BASE32" for new deployments (see the warning box about case sensitivity under PersistentNameIDGenerationConfiguration) |
| queryTimeout | Duration | PT5S | Timeout for the queries made against the database |
| transactionRetries | integer | 3 | Number of retries if insertion fails due to database transaction bugs |
| tableName 4.1 | string | shibpid | Overrides name of database table to use |
| failFastInitialize | boolean | false | Whether a failure when verifying the database's availability and primary key during startup is fatal (prevents the AttributeResolver service from starting or the configuration from reloading) |
| retryableErrors | space-delimited list of strings | 23000 23505 | SQLState codes to treat as retryable errors indicating a duplicate insert due to database transaction bugs |
| exceptionMapRef | Bean ID | | References a Spring bean defining a map of exception overrides for altering salt or suppressing generation of IDs for users and services. See the "Sparse Overrides" section in the PersistentNameIDGenerationConfiguration topic. |
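
As an added illustration (not part of the Shibboleth documentation or code), the Python sketch below works through the salt and encoding rules from the table: producing a value suitable for encodedSalt, enforcing the 16-byte minimum, and showing why BASE32 output survives case folding while BASE64 output does not. The hash input layout, the use of SHA-256, and the service and subject names are assumptions chosen for the example.

```python
import base64
import hashlib
import secrets

MIN_SALT_BYTES = 16  # minimum salt length given in the attribute table


def new_encoded_salt(nbytes=32):
    """Generate a random salt and return it base64-encoded, as encodedSalt expects."""
    if nbytes < MIN_SALT_BYTES:
        raise ValueError("salt must be at least 16 bytes")
    return base64.b64encode(secrets.token_bytes(nbytes)).decode("ascii")


def load_salt(salt=None, encoded_salt=None):
    """Resolve 'salt OR encodedSalt' to raw bytes and enforce the length rule."""
    if (salt is None) == (encoded_salt is None):
        # Rejecting both-set is this sketch's choice; the page only says one must be set.
        raise ValueError("set exactly one of salt / encodedSalt")
    if salt is not None:
        raw = salt.encode("utf-8")
    else:
        raw = base64.b64decode(encoded_salt, validate=True)
    if len(raw) < MIN_SALT_BYTES:
        raise ValueError("salt must be at least 16 bytes, got %d" % len(raw))
    return raw


def pairwise_id(salt, service, subject, encoding="BASE32"):
    """Salted hash of (service, subject). The input layout and SHA-256 are
    assumptions for illustration, not the IdP's actual computation."""
    material = b"!".join([service.encode("utf-8"), subject.encode("utf-8"), salt])
    digest = hashlib.sha256(material).digest()
    if encoding == "BASE32":
        return base64.b32encode(digest).decode("ascii")
    if encoding == "BASE64":
        return base64.b64encode(digest).decode("ascii")
    raise ValueError("encoding must be BASE32 or BASE64")


def case_stable(value):
    """True if a consumer that upper-cases identifiers would leave the value unchanged."""
    return value == value.upper()


if __name__ == "__main__":
    salt = load_salt(encoded_salt=new_encoded_salt())
    for enc in ("BASE64", "BASE32"):
        pid = pairwise_id(salt, "https://sp.example.org/shibboleth", "jdoe", enc)
        print(enc, pid, "case-stable:", case_stable(pid))
```
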



Specific XML Elements

One of the following MUST be provided:

| Name | Cardinality | Description |
|---|---|---|
| <ContainerManagedConnection> | 0 or 1 | Connects to a database via a JNDI resource defined in the container |
| <SimpleManagedConnection> | 0 or 1 | Connects to a database via a JDBC data source configured explicitly |
| <BeanManagedConnection> | 0 or 1 | Connects to a database via an externally specified DataSource |



Common XML Attributes

See the DataConnectorCommonAttributes topic.


Common XML Elements

See the DataConnectorCommonChildElements topic.


...