The Shibboleth IdP V4 software has reached its End of Life and is no longer supported. This documentation is available for historical purposes only. See the IDP5 wiki space for current documentation on the supported version.

Developing Attribute Resolver Extensions

Overview

bla bla bla

Implement the function

Data Connectors

Extend AbstractDataConnector and implement:

Method

Required

Purpose

Method

Required

Purpose

doDataConnectorResolve

Yes

Return a newly created and fully populated Map<String, IdPAttribute>

doInitialize

No

To check any preconditions before the resolver is first used

Ensure that there is a call to super.doInitialize() 

doDestroy

No

To tear down any structures when the Data Connector is finished with (due to shutdown or reload)

Ensure that there is a call to super.doDestroy()   

The above are the methods you are most likely to implement.  There are others, consult the javadoc for the Abstract Class and its parent classes for more details.

Attribute Definitions

Extend AbstractAttributeDefinition and implement:

Method

Required

Purpose

Method

Required

Purpose

doAttributeDefinitionResolve

Yes

Return a newly created and fully populated IdPAttribute

doInitialize

No

To check any preconditions before the resolver is first used.

Ensure that there is a call to super.doInitialize() 

doDestroy

No

To tear down any structures when the resolver is finished with (due to shutdown or reload)

Ensure that there is a call to super.doDestroy()  

The above are the methods you are most likely to implement.  There are others, consult the Javadoc for the abstract Class and its parent classes for more details.

Parsers

In order to write a parser you must first devise the schema to describe the plugin.  This schema should

  1. Be made available to the IdP in the src\main\resources\schema directory of your project

  2. Be available at an http: location

  3. But also have a mapping available in the src\main\resources\META-INF\spring.schemas directory of your project.

  4. (optionally) be overridden in eclipse.

After which bla bla bla

Do I need a Factory Bean?

See this discussion

Data Connector Parsers

Extend AbstractDataConnectorParser and implement:

Method

Required

Purpose

Method

Required

Purpose

getNativeBeanClass

Yes

Return the class that your Data Connector Implements (or an appropriate Factory Bean)

doV2Parse

Yes

To parse your native Schema and populate the Data Connector or its Factory Bean

 The above are the methods you have to implement.  There are others, consult the Javadoc for the abstract class and its parent classes for more details.

Attribute Definition Parsers

Extend BaseAttributeDefinitionParser and implement:

Method

Required

Purpose

Method

Required

Purpose

getBeanClass

Yes

Return the class that your Attribute Resolver Implements (or an appropriate Factory Bean)

doParse

Yes

To parse your native Schema and populate the Data Connector or its Factory Bean

Ensure that this methods starts with a call to super.doParse() 

 The above are the methods you have to implement.  There are others, consult the Javadoc for the abstract class and its parent classes for more details.

Native Spring Configuration

It is possible to configure a data connector in "native" Spring and refer to it (as a dependency) in the proprietary syntax attribute-resolver.xml file.

 

You nearly always a bad idea.

There is often a need to do some natic spring programming but the best way is to separate out what you need into a different bean and inject it by name into the custom syntax.

Native Spring Configuration of the Static Data Connector"
<bean class="net.shibboleth.idp.attribute.resolver.dc.impl.StaticDataConnector" id="staticAttributes"> <property name="values"> <list> <bean class="net.shibboleth.idp.attribute.IdPAttribute" c:attributeId="staticEpA"> <property name="values"> <bean class="net.shibboleth.idp.attribute.StringAttributeValue" c:attributeValue="member" /> </property> </bean> <bean class="net.shibboleth.idp.attribute.IdPAttribute" c:attributeId="eduPersonEntitlement"> <property name="values"> <list> <bean class="net.shibboleth.idp.attribute.StringAttributeValue" c:attributeValue="urn:example.org:entitlement:entitlement1" /> <bean class="net.shibboleth.idp.attribute.StringAttributeValue" c:attributeValue="urn:mace:dir:entitlement:common-lib-terms" /> </list> </property> </bean> </list> </property> </bean>
Using a Natively define Connector
<resolver:AttributeDefinition xsi:type="Simple" xmlns="urn:mace:shibboleth:2.0:resolver:ad" id="eduPersonAffiliation" sourceAttributeID="staticEpA"> <resolver:Dependency ref="staticAttributes" /> </resolver:AttributeDefinition>

 

The native Spring configuration must not go onto the global.xml file.  It has to be contained in a file which is a peer of the attribute-resolver.xml file in the bean defined by idp.service.attribute.resolver.resources (see services.properties).

In a standard distribution this bean is defined in services.xml.



Native Spring Configuration of the Static Data Connector"
<util:list id ="shibboleth.AttributeResolverResources"> <value>%{idp.home}/conf/attribute-resolver.xml</value> <value>%{idp.home}/conf/your-native-spring-dataconnector.xml</value> </util:list>

Dependencies

Injecting dependencies into a Attribute Resolver Plugin using native spring is possible, but requires understanding how the Attribute Resolver handles Dependencies.

TBD