resolvertest

This is a test program that can be used to exercise the attribute-processing subsystems and plugins in the SP to process a SAML assertion or a user's identifier.

Successful output consists of a textual summary of the resulting attribute information. Failure results in console-directed log messages and a negative return code.

To process a complete SAML assertion, it must be provided on the stdin stream. Otherwise, the following parameters must be used:

Parameter	Description

Parameter	Description
-n	a SAML name identifier value
-f	optional SAML name identifier format
-i	entityID of an IdP
-p	a protocolSupportEnumeration value to use in finding the IdP role in metadata
-saml10	shortcut for "`-p urn:oasis:names:tc:SAML:1.0:protocol`"
-saml11	shortcut for "`-p urn:oasis:names:tc:SAML:1.1:protocol`"
-saml2	shortcut for "`-p urn:oasis:names:tc:SAML:2.0:protocol`"

in either mode (parameterized of from an incoming SAML assertion:

Parameter	Description

Parameter	Description
-a	optional applicationId to use in applying SP configuration, if other than "default"

Examples

./resolvertest -n _9f2d9fd62aa99cc43bf483045aeac123  -i https://aai-logon.switch.ch/idp/shibboleth -saml2 -f urn:oasis:names:tc:SAML:2.0:nameid-format:persistent

From which the output might be

uid: haemmerle
affiliation: staff
surname: Hämmerle
givenName: Lukas
homeOrganization: switch.ch
uniqueID: 123456abcde@switch.ch
homeOrganizationType: others
gender: 1
persistent-id: https://aai-idp.switch.ch/idp/shibboleth!https://dieng.switch.ch/shibboleth!FQdaogdLEj0iZZTIfdS3svc52WE=
mail: lukas.haemmerle@switch.ch

Service Provider 3

resolvertest

Analytics

Examples

Related content