The Shibboleth IdP V4 software will leave support on September 1, 2024.

Skip to end of metadata
Go to start of metadata

You are viewing an old version of this page. View the current version.

Compare with Current View Page History

« Previous Version 11 Next »

Namespace: urn:mace:shibboleth:2.0:resolver
Schema: http://shibboleth.net/schema/idp/shibboleth-attribute-resolver.xsd

Overview

The Subject DataConnector exposes IdPAttribute objects contained within Java Subject(s). It examines Subject(s) and extracts all IdPAttributePrincipal custom principal objects and their wrapped IdPAttribute objects and directly exposes them as the outputs of the connector.


The primary use case for this connector is dealing with the results of external/proxied authentication sources that pass attribute data into the IdP. It can operate in a couple of different modes, either operating against Subjects produced as a result of authentication, or against a Subject undergoing SubjectCanonicalization for use in deriving a principal name.

This is a more streamlined "bulk" alternative to the SubjectDerivedAttribute attribute definition, which can extract only a single attribute at a time. Via the new exporting feature, this connector can expose all of the data at once as a passthrough to support proxying of data.

Reference

Example

Example of a Subject DataConnector
<DataConnector id="passthroughAttributes" xsi:type="Subject" exportAttributes="foo bar baz" />


  • No labels