<!--
A list of attributes to resolve for normalizing the subject. For example, you might
intend to lookup a name in a directory based on what the user entered. You can make this
an empty list if you just want to resolve everything you normally would.
-->
<util:list id="shibboleth.c14n.attribute.AttributesToResolve">
<value>uid</value>
</util:list>
<!--
A list of attributes to search for a value to produce as the normalized subject name.
This will normally be something you resolve above.
-->
<util:list id="shibboleth.c14n.attribute.AttributeSourceIds">
<value>uid</value>
</util:list>
<bean id="shibboleth.c14n.attribute.PrincipalNameLookupStrategy"
class="net.shibboleth.idp.profile.context.navigate.ScriptedContextLookupFunction"
factory-method="inlineScript">
<constructor-arg>
<value>
<![CDATA[
var principalName = null;
var subject = profileContext.getSubcontext("net.shibboleth.idp.authn.context.SubjectCanonicalizationContext").getSubject();
var princs = subject.getPrincipals(Java.type("net.shibboleth.idp.authn.principal.UsernamePrincipal").class);
if (princs.size() == 1) {
principalName = princs.iterator().next().getName();
}
principalName;
]]>
</value>
</constructor-arg>
</bean> |