You are viewing an old version of this content. View the current version.
Compare with Current
View Version History
Version 1
Next »
Current File(s): conf/c14n/simple-subject-c14n-config.xml (V4.0), conf/c14n/subject-c14n.properties (V4.1+)
Format: Native Spring, Properties (V4.1+)
Overview
The c14n/simple post-login subject canonicalization flow does a routine extraction of a UsernamePrincipal from the Java Subject and returns it as the canonincal principal name for the subject. It also supports some optional transforms to apply to the name.
This flow will succeed if and only if the input Java Subject contains exactly one UsernamePrincipal in its collection of Principals.
General Configuration
V4.0
Use conf/c14n/simple-subject-c14n-config.xml to configure this flow.
V4.1+
Use conf/c14n/subject-c14n.properties to configure this flow.
If your system is upgraded, you may continue to use conf/c14n/simple-subject-c14n-config.xml as before, or you may remove it, while ensuring the new properties are being loaded.
The regular expression replacement feature is the only one remaining that still requires XML and you may define that bean, if needed, in conf/c14n/subject-c14n.xml
By default, the only transform applied is a trim of leading or trailing whitespace. Case-folding and regular expression replacements can be added, per the reference section below.
Reference
Beans (V4.0)
The beans defined in conf/c14n/simple-subject-c14n-config.xml follow:
Bean ID | Type | Default | Description |
|---|
shibboleth.c14n.simple.Lowercase | Boolean | false | Whether to lowercase the username |
shibboleth.c14n.simple.Uppercase | Boolean | false | Whether to uppercase the username |
shibboleth.c14n.simple.Trim | Boolean | true | Whether to trim leading and trailing whitespace from the username |
shibboleth.c14n.simple.Transforms | Pair<String,String> | | Pairs of regular expressions and replacement expressions to apply to the username |
Beans (V4.1+)
The following bean may be defined in conf/subject-c14n.xml if needed:
Bean ID | Type | Description |
|---|
shibboleth.c14n.simple.Transforms | Pair<String,String> | Pairs of regular expressions and replacement expressions to apply to the username |
Properties (V4.1+)
The following properties are commented out by default in conf/c14n/subject-c14n.properties:
Name | Type | Default | Description |
|---|
idp.c14n.simple.lowercase | Boolean | false | Whether to lowercase the username |
idp.c14n.simple.uppercase | Boolean | false | Whether to uppercase the username |
idp.c14n.simple.trim | Boolean | true | Whether to trim leading and trailing whitespace from the username |