The Shibboleth IdP V4 software will leave support on September 1, 2024.

Skip to end of metadata
Go to start of metadata

You are viewing an old version of this page. View the current version.

Compare with Current View Page History

« Previous Version 3 Next »

Overview

A set of built-in transcoders supporting SAML 1 <Attribute> and <AttributeDesignator> objects is provided that support the most frequently needed value types. Most of them support a common set of properties, documented below; a few other properties are defined for specific transcoder types. Since they largely all do the same thing in the same way, they're documented here together.

A particular property of the SAML schema is that <AttributeDesignator> cannot have values while <Attribute> MUST have them, so there are some built-in enforcement checks.

Note that <AttributeDesignator> elements can be mapped to and from IdPRequestedAttribute objects but the conversion is lossy due to the lack of an isRequired property in SAML and the inability to express requested values.

Common Properties

In addition to the generic properties, all SAML 1 transcoders support the following:

NameReq?TypeDefaultDescription
saml1.nameYString
The <Attribute> AttributeName  to map to and from
saml1.namespace
Stringurn:mace:shibboleth:1.0:attributeNamespace:uriThe <Attribute> AttributeNamespace to map to and from
saml1.encodeType
Booleantrue                                                                               Whether to encode values with an xsi:type attached

Transcoder Types

There are 4 built-in subtypes of SAML 1 transcoders, as follows. Each one is predefined as a Spring bean for use in rules using the "short" name of the class, as enumerated in the TranscodingRuleConfiguration reference section.

SAML1StringAttributeTranscoder

The simplest and most commonly used transcoder, it supports encoding and decoding internal values from and to the StringAttributeValue class. It supports no additional properties.

SAML1ScopedStringAttributeTranscoder

It supports encoding and decoding internal values from and to the ScopedStringAttributeValue class. It supports the following additional properties (all optional):

NameTypeDefaultDescription
saml1.scopeType"inline" or "attribute""attribute"The "style"/syntax with which to encode and decode the scope portion
saml1.scopeAttributeNameStringScopeThe name of the XML attribute to encode and decode the scope portion when saml1.scopeType is "attribute"
saml1.scopeDelimiterString@The character(s) to use to separate the value and scope when saml1.scopeType is "inline"

SAML1ByteAttributeTranscoder

It supports encoding and decoding internal values from and to the ByteAttributeValue class, with a base64 transform applied. It supports no additional properties.

SAML1XMLObjectAttributeTranscoder

It supports encoding and decoding internal values from and to the XMLObjectAttributeValue class. It supports the following additional properties (all optional):

NameTypeDefaultDescription
saml1.includeAttributeValueBooleanfalseWhen decoding, controls whether the decoded XMLObject is actually the <AttributeValue> element itself, or its child element
  • No labels