The Shibboleth IdP V3 software has reached its End of Life and is no longer supported. This documentation is available for historical purposes only. See the IDP4 wiki space for current documentation on the supported version.

Skip to end of metadata
Go to start of metadata

You are viewing an old version of this page. View the current version.

Compare with Current View Page History

« Previous Version 3 Next »

The SubjectDerivedAttribute 3.3 attribute definition exposes the attributes values associated with Principals for this flow.  A configuration short cut allows for the values from IdPAttribute contained inside an IdPAttributePrincipal;

Schema Name and Location

This xsi:type is defined by the urn:mace:shibboleth:2.0:resolver schema 3.3, which is located at http://shibboleth.net/schema/idp/shibboleth-attribute-resolver.xsd.

Prior to V3.3 supplied plugins were defined by a schema type (xsi:type) in the urn:mace:shibboleth:2.0:resolver:ad schema, which is located at http://shibboleth.net/schema/idp/shibboleth-attribute-resolver-ad.xsd.  This is still supported, but every element or type in the  urn:mace:shibboleth:2.0:resolver:ad schema has an equivalently named (but not necessarily identical) version in the urn:mace:shibboleth:2.0:resolver  schema.  The use of the  urn:mace:shibboleth:2.0:resolver schema also allows a relaxation of the ordering requirements of sub elements and so a more natural order can be applied.  Note that versions earlier than 3.3 are no longer supported and you should look to upgrade at the soonest opportunity.

Attributes

Any of the common attributes can be specified. Note that this attribute definition does not require a sourceAttributeID attribute since the information is not resolved from an input attribute. If one is supplied, it is ignored.

Additionally exactly one of the following should be provided

Name
Type
Description
principalAttributeName
stringThe name of an attribute inside a  IdPAttributePrincipal;

attributeValuesFunctionRef

stringThe name of a Spring Bean defined elsewhere. This bean should implement Function<Principal, List<IdPAttributeValue>>

Child Elements

Any of the common child elements can be specified. Note that this attribute definition does not require a <Dependency> child element since the information is not resolved from an input attribute. If any are supplied, then they are ignored.

Example

<AttributeDefinition xsi:type="SubjectDerivedAttribute" id="PD1" principalAttributeName="Whatever">
  • No labels