Configure Shibboleth Service Provider for COIP
In order to get additional attributes from COIP the Shibboleth-SP needs to be configured with an AttributeResolver of type SimpleAggregation. This is accomplished with the following configuration in shibboleth2.xml:
Code Block |
---|
<AttributeResolver type="Chaining"> <AttributeResolver type="Query"/ <AttributeResolver type="SimpleAggregation" attributeId="eppn" format="urn:oid:1.3.6.1.4.1.5923.1.1.1.6:NameID"> <Entity>https://coip- |
...
test.sunet.se/idp/shibboleth</Entity>
</AttributeResolver>
</AttributeResolver>
|
Restart your Shibboleth daemon.
When you now login via your application your SP will get additional entitlement attributes from COIP.
For more information, see the official Official documentation