The Shibboleth V1 software has reached its End of Life and is no longer supported. This documentation is available for historical purposes only.

Skip to end of metadata
Go to start of metadata

You are viewing an old version of this page. View the current version.

Compare with Current View Page History

Version 1 Next »

Configuring a Scriptlet Attribute Definition

NOTE: This definition has not yet been included in an !IdP release but may be retrieved from the source control system if you feel comfortable doing so until is it available in another, easier to install, from.

This attribute definition allows Java code to be written in the definition and executed when the attribute is requested. This provides nearly limitless flexability for creating or tansforming attributes.

%INCLUDE{"AttributeDefinitionBasics"}%

Configuring the Definition

  1. Create a ScriptletAttributeDefinition element with its id attribute.
  2. Create a Scriptlet element, child of ScriptletAttributeDefinition, whose content is Java code that should be executed when this attribute is requested. You may wish to place this data in a CDATA section to ensure it does not interfere with the XML processing.

The following fields are made available and may be used in the code

Field Name

Field Type

Description

resolverAttribute

edu.internet2.middleware.shibboleth.aa.attrresolv.ResolverAttribute

The incoming attribute

principal

java.security.Principal

The principal of the user whose attributes are being fetched

requester

String

The ID of the service provider to whom the attributes are going

responder

String

The ID of the identity provider

dependencies

edu.internet2.middleware.shibboleth.aa.attrresolv.Dependencies

The connectors and attributes this definition depends on

log

org.apache.log4j.Logger

The logger for this definition

Example Configuration

<ScriptletAttributeDefinition id="urn:mace:dir:attribute-def:eduPersonAffiliation">
	 <DataConnectorDependency requires="directory"/>
	 <Scriptlet>
		  <![CDATA[
				Attributes attributes = dependencies.getConnectorResolution("directory");
				Attribute affiliation = attributes.get("eduPersonAffiliation");
				if (affiliation.size() > 0) {
					 resolverAttribute.addValue("affiliate");
				}
		  ]]>
	 </Scriptlet>
</ScriptletAttributeDefinition>

%INCLUDE{"AttributeDefinitionDependencies"}%

%INCLUDE{"AttributeDefinitionErrorAndCache"}%

  • No labels