Versions Compared

Old Version 7

changes.mady.by.user Leif Johansson

Saved on

compared with

New Version Current

changes.mady.by.user Leif Johansson

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.
Comment: Migrated to Confluence 5.3
Table of Contents
Warning

Denna metod är numera deprekerad i Shibboleth till förmån för Lagrad pseudonym identifierare

DataConnector

Skapa följande DataConnector i attribute-resolver.xml:

...

Code Block
<resolver:AttributeDefinition id="eduPersonTargetedID" xsi:type="SAML2NameID"
        xmlns="urn:mace:shibboleth:2.0:resolver:ad"
        sourceAttributeID="computedId">

   <resolver:Dependency ref="ComputedId" />

   <resolver:AttributeEncoder xsi:type="SAML1XMLObject" xmlns="urn:mace:shibboleth:2.0:attribute:encoder"
             name="urn:oid:1.3.6.1.4.1.5923.1.1.1.10" />
   
   <resolver:AttributeEncoder xsi:type="SAML2XMLObject" xmlns="urn:mace:shibboleth:2.0:attribute:encoder"
             name="urn:oid:1.3.6.1.4.1.5923.1.1.1.10" friendlyName="eduPersonTargetedID" />
</resolver:AttributeDefinition>

<resolver:AttributeDefinition id="computedId" xsi:type="ad:PrincipalName"
                              xmlns="urn:mace:shibboleth:2.0:resolver:ad"
                              sourceAttributeID="computedId">

   <resolver:Dependency ref="ComputedId"/>

   <resolver:AttributeEncoder xsi:type="SAML1StringNameIdentifier"
                               xmlns="urn:mace:shibboleth:2.0:attribute:encoder"
                               nameFormat="urn:oasis:names:tc:SAML:2.0:nameid-format:persistent" />

   <resolver:AttributeEncoder xsi:type="SAML2StringNameID"
                               xmlns="urn:mace:shibboleth:2.0:attribute:encoder"
                               nameFormat="urn:oasis:names:tc:SAML:2.0:nameid-format:persistent" />
</resolver:AttributeDefinition>

Attribute-release

Warning

Detta kommer att göra pseudonymer tillgängliga för alla SP:er vilket är SWAMIDs rekommendation. Om du inte vill lämna ut pseudonyer till alla så måste du ändra PolicyRequirementRule nedan

SWAMID rekommenderar att dessa attribut releasas till alla SP:er. Detta gör man enklast genom följande entry i attribute-filter.xml.:

Code Block
<AttributeFilterPolicy id="releasePermanentIdToAnyone">
   <PolicyRequirementRule xsi:type="basic:ANY" />
   <AttributeRule attributeID="persistentId">
      <PermitValueRule xsi:type="basic:ANY" />
   </AttributeRule>
   <AttributeRule attributeID="eduPersonTargetedID">
      <PermitValueRule xsi:type="basic:ANY" />
   </AttributeRule>
</AttributeFilterPolicy