Adjust order of NameID encoders for transient IDs so the right 2.0 format gets used...
[java-idp.git] / resources / conf / attribute-resolver.xml
1 <?xml version="1.0" encoding="UTF-8"?>
2
3 <!-- 
4     This file is an EXAMPLE configuration file.  While the configuration presented in this 
5     example file is functional, it isn't very interesting.  However, there are lots of example
6     attributes, encoders, and a couple example data connectors.
7     
8     Not all attribute definitions, data connectors, or principal connectors are demonstrated.
9     Deployers should refer to the Shibboleth 2 documentation for a complete list of components 
10     and their options.
11 -->
12
13
14 <AttributeResolver xmlns="urn:mace:shibboleth:2.0:resolver" xmlns:resolver="urn:mace:shibboleth:2.0:resolver"
15     xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:pc="urn:mace:shibboleth:2.0:resolver:pc"
16     xmlns:ad="urn:mace:shibboleth:2.0:resolver:ad" xmlns:dc="urn:mace:shibboleth:2.0:resolver:dc"
17     xmlns:enc="urn:mace:shibboleth:2.0:attribute:encoder" xmlns:sec="urn:mace:shibboleth:2.0:security"
18     xsi:schemaLocation="urn:mace:shibboleth:2.0:resolver classpath:/schema/shibboleth-2.0-attribute-resolver.xsd
19                         urn:mace:shibboleth:2.0:resolver:pc classpath:/schema/shibboleth-2.0-attribute-resolver-pc.xsd
20                         urn:mace:shibboleth:2.0:resolver:ad classpath:/schema/shibboleth-2.0-attribute-resolver-ad.xsd
21                         urn:mace:shibboleth:2.0:resolver:dc classpath:/schema/shibboleth-2.0-attribute-resolver-dc.xsd
22                         urn:mace:shibboleth:2.0:attribute:encoder classpath:/schema/shibboleth-2.0-attribute-encoder.xsd
23                         urn:mace:shibboleth:2.0:security classpath:/schema/shibboleth-2.0-security.xsd">
24
25     <!-- ========================================== -->
26     <!--      Attribute Definitions                 -->
27     <!-- ========================================== -->
28
29     <!-- Schema: Core schema attributes-->
30     <!--
31     <resolver:AttributeDefinition id="uid" xsi:type="Simple" xmlns="urn:mace:shibboleth:2.0:resolver:ad"
32         sourceAttributeID="uid">
33         <resolver:Dependency ref="myLDAP" />
34
35         <resolver:AttributeEncoder xsi:type="SAML1String" xmlns="urn:mace:shibboleth:2.0:attribute:encoder"
36             name="urn:mace:dir:attribute-def:uid" />
37
38         <resolver:AttributeEncoder xsi:type="SAML2String" xmlns="urn:mace:shibboleth:2.0:attribute:encoder"
39             name="urn:oid:0.9.2342.19200300.100.1.1" friendlyName="uid" />
40     </resolver:AttributeDefinition>
41
42     <resolver:AttributeDefinition id="email" xsi:type="Simple" xmlns="urn:mace:shibboleth:2.0:resolver:ad"
43         sourceAttributeID="mail">
44         <resolver:Dependency ref="myLDAP" />
45
46         <resolver:AttributeEncoder xsi:type="SAML1String" xmlns="urn:mace:shibboleth:2.0:attribute:encoder"
47             name="urn:mace:dir:attribute-def:mail" />
48
49         <resolver:AttributeEncoder xsi:type="SAML2String" xmlns="urn:mace:shibboleth:2.0:attribute:encoder"
50             name="urn:oid:0.9.2342.19200300.100.1.3" friendlyName="mail" />
51     </resolver:AttributeDefinition>
52
53     <resolver:AttributeDefinition id="homePhone" xsi:type="Simple" xmlns="urn:mace:shibboleth:2.0:resolver:ad"
54         sourceAttributeID="homePhone">
55         <resolver:Dependency ref="myLDAP" />
56
57         <resolver:AttributeEncoder xsi:type="SAML1String" xmlns="urn:mace:shibboleth:2.0:attribute:encoder"
58             name="urn:mace:dir:attribute-def:homePhone" />
59
60         <resolver:AttributeEncoder xsi:type="SAML2String" xmlns="urn:mace:shibboleth:2.0:attribute:encoder"
61             name="urn:oid:0.9.2342.19200300.100.1.20" friendlyName="homePhone" />
62     </resolver:AttributeDefinition>
63
64     <resolver:AttributeDefinition id="homePostalAddress" xsi:type="Simple" xmlns="urn:mace:shibboleth:2.0:resolver:ad"
65         sourceAttributeID="homePostalAddress">
66         <resolver:Dependency ref="myLDAP" />
67
68         <resolver:AttributeEncoder xsi:type="SAML1String" xmlns="urn:mace:shibboleth:2.0:attribute:encoder"
69             name="urn:mace:dir:attribute-def:homePostalAddress" />
70
71         <resolver:AttributeEncoder xsi:type="SAML2String" xmlns="urn:mace:shibboleth:2.0:attribute:encoder"
72             name="urn:oid:0.9.2342.19200300.100.1.39" friendlyName="homePostalAddress" />
73     </resolver:AttributeDefinition>
74
75     <resolver:AttributeDefinition id="mobileNumber" xsi:type="Simple" xmlns="urn:mace:shibboleth:2.0:resolver:ad"
76         sourceAttributeID="mobile">
77         <resolver:Dependency ref="myLDAP" />
78
79         <resolver:AttributeEncoder xsi:type="SAML1String" xmlns="urn:mace:shibboleth:2.0:attribute:encoder"
80             name="urn:mace:dir:attribute-def:mobile" />
81
82         <resolver:AttributeEncoder xsi:type="SAML2String" xmlns="urn:mace:shibboleth:2.0:attribute:encoder"
83             name="urn:oid:0.9.2342.19200300.100.1.41" friendlyName="mobile" />
84     </resolver:AttributeDefinition>
85
86     <resolver:AttributeDefinition id="pagerNumber" xsi:type="Simple" xmlns="urn:mace:shibboleth:2.0:resolver:ad"
87         sourceAttributeID="pager">
88         <resolver:Dependency ref="myLDAP" />
89
90         <resolver:AttributeEncoder xsi:type="SAML1String" xmlns="urn:mace:shibboleth:2.0:attribute:encoder"
91             name="urn:mace:dir:attribute-def:pager" />
92
93         <resolver:AttributeEncoder xsi:type="SAML2String" xmlns="urn:mace:shibboleth:2.0:attribute:encoder"
94             name="urn:oid:0.9.2342.19200300.100.1.42" friendlyName="pager" />
95     </resolver:AttributeDefinition>
96
97     <resolver:AttributeDefinition id="commonName" xsi:type="Simple" xmlns="urn:mace:shibboleth:2.0:resolver:ad"
98         sourceAttributeID="cn">
99         <resolver:Dependency ref="myLDAP" />
100
101         <resolver:AttributeEncoder xsi:type="SAML1String" xmlns="urn:mace:shibboleth:2.0:attribute:encoder"
102             name="urn:mace:dir:attribute-def:cn" />
103
104         <resolver:AttributeEncoder xsi:type="SAML2String" xmlns="urn:mace:shibboleth:2.0:attribute:encoder"
105             name="urn:oid:2.5.4.3" friendlyName="cn" />
106     </resolver:AttributeDefinition>
107
108     <resolver:AttributeDefinition id="surname" xsi:type="Simple" xmlns="urn:mace:shibboleth:2.0:resolver:ad"
109         sourceAttributeID="sn">
110         <resolver:Dependency ref="myLDAP" />
111
112         <resolver:AttributeEncoder xsi:type="SAML1String" xmlns="urn:mace:shibboleth:2.0:attribute:encoder"
113             name="urn:mace:dir:attribute-def:sn" />
114
115         <resolver:AttributeEncoder xsi:type="SAML2String" xmlns="urn:mace:shibboleth:2.0:attribute:encoder"
116             name="urn:oid:2.5.4.4" friendlyName="sn" />
117     </resolver:AttributeDefinition>
118
119     <resolver:AttributeDefinition id="locality" xsi:type="Simple" xmlns="urn:mace:shibboleth:2.0:resolver:ad"
120         sourceAttributeID="l">
121         <resolver:Dependency ref="myLDAP" />
122
123         <resolver:AttributeEncoder xsi:type="SAML1String" xmlns="urn:mace:shibboleth:2.0:attribute:encoder"
124             name="urn:mace:dir:attribute-def:l" />
125
126         <resolver:AttributeEncoder xsi:type="SAML2String" xmlns="urn:mace:shibboleth:2.0:attribute:encoder"
127             name="urn:oid:2.5.4.7" friendlyName="l" />
128     </resolver:AttributeDefinition>
129
130     <resolver:AttributeDefinition id="stateProvince" xsi:type="Simple" xmlns="urn:mace:shibboleth:2.0:resolver:ad"
131         sourceAttributeID="st">
132         <resolver:Dependency ref="myLDAP" />
133
134         <resolver:AttributeEncoder xsi:type="SAML1String" xmlns="urn:mace:shibboleth:2.0:attribute:encoder"
135             name="urn:mace:dir:attribute-def:st" />
136
137         <resolver:AttributeEncoder xsi:type="SAML2String" xmlns="urn:mace:shibboleth:2.0:attribute:encoder"
138             name="urn:oid:2.5.4.8" friendlyName="st" />
139     </resolver:AttributeDefinition>
140
141     <resolver:AttributeDefinition id="street" xsi:type="Simple" xmlns="urn:mace:shibboleth:2.0:resolver:ad"
142         sourceAttributeID="street">
143         <resolver:Dependency ref="myLDAP" />
144
145         <resolver:AttributeEncoder xsi:type="SAML1String" xmlns="urn:mace:shibboleth:2.0:attribute:encoder"
146             name="urn:mace:dir:attribute-def:street" />
147
148         <resolver:AttributeEncoder xsi:type="SAML2String" xmlns="urn:mace:shibboleth:2.0:attribute:encoder"
149             name="urn:oid:2.5.4.9" friendlyName="street" />
150     </resolver:AttributeDefinition>
151
152     <resolver:AttributeDefinition id="organizationName" xsi:type="Simple" xmlns="urn:mace:shibboleth:2.0:resolver:ad"
153         sourceAttributeID="o">
154         <resolver:Dependency ref="myLDAP" />
155
156         <resolver:AttributeEncoder xsi:type="SAML1String" xmlns="urn:mace:shibboleth:2.0:attribute:encoder"
157             name="urn:mace:dir:attribute-def:o" />
158
159         <resolver:AttributeEncoder xsi:type="SAML2String" xmlns="urn:mace:shibboleth:2.0:attribute:encoder"
160             name="urn:oid:2.5.4.10" friendlyName="o" />
161     </resolver:AttributeDefinition>
162
163     <resolver:AttributeDefinition id="organizationalUnit" xsi:type="Simple" xmlns="urn:mace:shibboleth:2.0:resolver:ad"
164         sourceAttributeID="ou">
165         <resolver:Dependency ref="myLDAP" />
166
167         <resolver:AttributeEncoder xsi:type="SAML1String" xmlns="urn:mace:shibboleth:2.0:attribute:encoder"
168             name="urn:mace:dir:attribute-def:ou" />
169
170         <resolver:AttributeEncoder xsi:type="SAML2String" xmlns="urn:mace:shibboleth:2.0:attribute:encoder"
171             name="urn:oid:2.5.4.11" friendlyName="ou" />
172     </resolver:AttributeDefinition>
173
174     <resolver:AttributeDefinition id="title" xsi:type="Simple" xmlns="urn:mace:shibboleth:2.0:resolver:ad"
175         sourceAttributeID="title">
176         <resolver:Dependency ref="myLDAP" />
177
178         <resolver:AttributeEncoder xsi:type="SAML1String" xmlns="urn:mace:shibboleth:2.0:attribute:encoder"
179             name="urn:mace:dir:attribute-def:title" />
180
181         <resolver:AttributeEncoder xsi:type="SAML2String" xmlns="urn:mace:shibboleth:2.0:attribute:encoder"
182             name="urn:oid:2.5.4.12" friendlyName="title" />
183     </resolver:AttributeDefinition>
184
185     <resolver:AttributeDefinition id="postalAddress" xsi:type="Simple" xmlns="urn:mace:shibboleth:2.0:resolver:ad"
186         sourceAttributeID="postalAddress">
187         <resolver:Dependency ref="myLDAP" />
188
189         <resolver:AttributeEncoder xsi:type="SAML1String" xmlns="urn:mace:shibboleth:2.0:attribute:encoder"
190             name="urn:mace:dir:attribute-def:postalAddress" />
191
192         <resolver:AttributeEncoder xsi:type="SAML2String" xmlns="urn:mace:shibboleth:2.0:attribute:encoder"
193             name="urn:oid:2.5.4.16" friendlyName="postalAddress" />
194     </resolver:AttributeDefinition>
195
196     <resolver:AttributeDefinition id="postalCode" xsi:type="Simple" xmlns="urn:mace:shibboleth:2.0:resolver:ad"
197         sourceAttributeID="postalCode">
198         <resolver:Dependency ref="myLDAP" />
199
200         <resolver:AttributeEncoder xsi:type="SAML1String" xmlns="urn:mace:shibboleth:2.0:attribute:encoder"
201             name="urn:mace:dir:attribute-def:postalCode" />
202
203         <resolver:AttributeEncoder xsi:type="SAML2String" xmlns="urn:mace:shibboleth:2.0:attribute:encoder"
204             name="urn:oid:2.5.4.17" friendlyName="postalCode" />
205     </resolver:AttributeDefinition>
206
207     <resolver:AttributeDefinition id="postOfficeBox" xsi:type="Simple" xmlns="urn:mace:shibboleth:2.0:resolver:ad"
208         sourceAttributeID="postOfficeBox">
209         <resolver:Dependency ref="myLDAP" />
210
211         <resolver:AttributeEncoder xsi:type="SAML1String" xmlns="urn:mace:shibboleth:2.0:attribute:encoder"
212             name="urn:mace:dir:attribute-def:postOfficeBox" />
213
214         <resolver:AttributeEncoder xsi:type="SAML2String" xmlns="urn:mace:shibboleth:2.0:attribute:encoder"
215             name="urn:oid:2.5.4.18" friendlyName="postOfficeBox" />
216     </resolver:AttributeDefinition>
217
218     <resolver:AttributeDefinition id="telephoneNumber" xsi:type="Simple" xmlns="urn:mace:shibboleth:2.0:resolver:ad"
219         sourceAttributeID="telephoneNumber">
220         <resolver:Dependency ref="myLDAP" />
221
222         <resolver:AttributeEncoder xsi:type="SAML1String" xmlns="urn:mace:shibboleth:2.0:attribute:encoder"
223             name="urn:mace:dir:attribute-def:telephoneNumber" />
224
225         <resolver:AttributeEncoder xsi:type="SAML2String" xmlns="urn:mace:shibboleth:2.0:attribute:encoder"
226             name="urn:oid:2.5.4.20" friendlyName="telephoneNumber" />
227     </resolver:AttributeDefinition>
228
229     <resolver:AttributeDefinition id="givenName" xsi:type="Simple" xmlns="urn:mace:shibboleth:2.0:resolver:ad"
230         sourceAttributeID="givenName">
231         <resolver:Dependency ref="myLDAP" />
232
233         <resolver:AttributeEncoder xsi:type="SAML1String" xmlns="urn:mace:shibboleth:2.0:attribute:encoder"
234             name="urn:mace:dir:attribute-def:givenName" />
235
236         <resolver:AttributeEncoder xsi:type="SAML2String" xmlns="urn:mace:shibboleth:2.0:attribute:encoder"
237             name="urn:oid:2.5.4.42" friendlyName="givenName" />
238     </resolver:AttributeDefinition>
239
240     <resolver:AttributeDefinition id="initials" xsi:type="Simple" xmlns="urn:mace:shibboleth:2.0:resolver:ad"
241         sourceAttributeID="initials">
242         <resolver:Dependency ref="myLDAP" />
243
244         <resolver:AttributeEncoder xsi:type="SAML1String" xmlns="urn:mace:shibboleth:2.0:attribute:encoder"
245             name="urn:mace:dir:attribute-def:initials" />
246
247         <resolver:AttributeEncoder xsi:type="SAML2String" xmlns="urn:mace:shibboleth:2.0:attribute:encoder"
248             name="urn:oid:2.5.4.43" friendlyName="initials" />
249     </resolver:AttributeDefinition>
250      -->
251
252     <!-- Schema: inetOrgPerson attributes-->
253     <!--
254     <resolver:AttributeDefinition id="departmentNumber" xsi:type="Simple" xmlns="urn:mace:shibboleth:2.0:resolver:ad"
255         sourceAttributeID="departmentNumber">
256         <resolver:Dependency ref="myLDAP" />
257
258         <resolver:AttributeEncoder xsi:type="SAML1String" xmlns="urn:mace:shibboleth:2.0:attribute:encoder"
259             name="urn:mace:dir:attribute-def:departmentNumber" />
260
261         <resolver:AttributeEncoder xsi:type="SAML2String" xmlns="urn:mace:shibboleth:2.0:attribute:encoder"
262             name="urn:oid:2.16.840.1.113730.3.1.2" friendlyName="departmentNumber" />
263     </resolver:AttributeDefinition>
264
265     <resolver:AttributeDefinition id="employeeNumber" xsi:type="Simple" xmlns="urn:mace:shibboleth:2.0:resolver:ad"
266         sourceAttributeID="employeeNumber">
267         <resolver:Dependency ref="myLDAP" />
268
269         <resolver:AttributeEncoder xsi:type="SAML1String" xmlns="urn:mace:shibboleth:2.0:attribute:encoder"
270             name="urn:mace:dir:attribute-def:employeeNumber" />
271
272         <resolver:AttributeEncoder xsi:type="SAML2String" xmlns="urn:mace:shibboleth:2.0:attribute:encoder"
273             name="urn:oid:2.16.840.1.113730.3.1.3" friendlyName="employeeNumber" />
274     </resolver:AttributeDefinition>
275
276     <resolver:AttributeDefinition id="employeeType" xsi:type="Simple" xmlns="urn:mace:shibboleth:2.0:resolver:ad"
277         sourceAttributeID="employeeType">
278         <resolver:Dependency ref="myLDAP" />
279
280         <resolver:AttributeEncoder xsi:type="SAML1String" xmlns="urn:mace:shibboleth:2.0:attribute:encoder"
281             name="urn:mace:dir:attribute-def:employeeType" />
282
283         <resolver:AttributeEncoder xsi:type="SAML2String" xmlns="urn:mace:shibboleth:2.0:attribute:encoder"
284             name="urn:oid:2.16.840.1.113730.3.1.4" friendlyName="employeeType" />
285     </resolver:AttributeDefinition>
286
287     <resolver:AttributeDefinition id="jpegPhoto" xsi:type="Simple" xmlns="urn:mace:shibboleth:2.0:resolver:ad"
288         sourceAttributeID="jpegPhoto">
289         <resolver:Dependency ref="myLDAP" />
290
291         <resolver:AttributeEncoder xsi:type="SAML1Base64" xmlns="urn:mace:shibboleth:2.0:attribute:encoder"
292             name="urn:mace:dir:attribute-def:jpegPhoto" />
293
294         <resolver:AttributeEncoder xsi:type="SAML2Base64" xmlns="urn:mace:shibboleth:2.0:attribute:encoder"
295             name="urn:oid:0.9.2342.19200300.100.1.60" friendlyName="jpegPhoto" />
296     </resolver:AttributeDefinition>
297
298     <resolver:AttributeDefinition id="preferredLanguage" xsi:type="Simple" xmlns="urn:mace:shibboleth:2.0:resolver:ad"
299         sourceAttributeID="preferredLanguage">
300         <resolver:Dependency ref="myLDAP" />
301
302         <resolver:AttributeEncoder xsi:type="SAML1String" xmlns="urn:mace:shibboleth:2.0:attribute:encoder"
303             name="urn:mace:dir:attribute-def:preferredLanguage" />
304
305         <resolver:AttributeEncoder xsi:type="SAML2String" xmlns="urn:mace:shibboleth:2.0:attribute:encoder"
306             name="urn:oid:2.16.840.1.113730.3.1.39" friendlyName="preferredLanguage" />
307     </resolver:AttributeDefinition>
308     -->
309
310     <!-- Schema: eduPerson attributes -->
311     <!--
312     <resolver:AttributeDefinition id="eduPersonAffiliation" xsi:type="Simple" xmlns="urn:mace:shibboleth:2.0:resolver:ad"
313         sourceAttributeID="eduPersonAffiliation">
314         <resolver:Dependency ref="staticAttributes" />
315         <resolver:Dependency ref="myLDAP" />
316
317         <resolver:AttributeEncoder xsi:type="SAML1String" xmlns="urn:mace:shibboleth:2.0:attribute:encoder"
318             name="urn:mace:dir:attribute-def:eduPersonAffiliation" />
319
320         <resolver:AttributeEncoder xsi:type="SAML2String" xmlns="urn:mace:shibboleth:2.0:attribute:encoder"
321             name="urn:oid:1.3.6.1.4.1.5923.1.1.1.1" friendlyName="eduPersonAffiliation" />
322     </resolver:AttributeDefinition>
323
324     <resolver:AttributeDefinition id="eduPersonEntitlement" xsi:type="Simple" xmlns="urn:mace:shibboleth:2.0:resolver:ad"
325         sourceAttributeID="eduPersonEntitlement">
326         <resolver:Dependency ref="myLDAP" />
327
328         <resolver:AttributeEncoder xsi:type="SAML1String" xmlns="urn:mace:shibboleth:2.0:attribute:encoder"
329             name="urn:mace:dir:attribute-def:eduPersonEntitlement" />
330
331         <resolver:AttributeEncoder xsi:type="SAML2String" xmlns="urn:mace:shibboleth:2.0:attribute:encoder"
332             name="urn:oid:1.3.6.1.4.1.5923.1.1.1.7" friendlyName="eduPersonEntitlement" />
333     </resolver:AttributeDefinition>
334
335     <resolver:AttributeDefinition id="eduPersonNickname" xsi:type="Simple" xmlns="urn:mace:shibboleth:2.0:resolver:ad"
336         sourceAttributeID="eduPersonNickname">
337         <resolver:Dependency ref="myLDAP" />
338
339         <resolver:AttributeEncoder xsi:type="SAML1String" xmlns="urn:mace:shibboleth:2.0:attribute:encoder"
340             name="urn:mace:dir:attribute-def:eduPersonNickname" />
341
342         <resolver:AttributeEncoder xsi:type="SAML2String" xmlns="urn:mace:shibboleth:2.0:attribute:encoder"
343             name="urn:oid:1.3.6.1.4.1.5923.1.1.1.2" friendlyName="eduPersonNickname" />
344     </resolver:AttributeDefinition>
345
346     <resolver:AttributeDefinition id="eduPersonOrgDN" xsi:type="Simple" xmlns="urn:mace:shibboleth:2.0:resolver:ad"
347         sourceAttributeID="eduPersonOrgDN">
348         <resolver:Dependency ref="myLDAP" />
349
350         <resolver:AttributeEncoder xsi:type="SAML1String" xmlns="urn:mace:shibboleth:2.0:attribute:encoder"
351             name="urn:mace:dir:attribute-def:eduPersonOrgDN" />
352
353         <resolver:AttributeEncoder xsi:type="SAML2String" xmlns="urn:mace:shibboleth:2.0:attribute:encoder"
354             name="urn:oid:1.3.6.1.4.1.5923.1.1.1.3" friendlyName="eduPersonOrgDN" />
355     </resolver:AttributeDefinition>
356
357     <resolver:AttributeDefinition id="eduPersonOrgUnitDN" xsi:type="Simple" xmlns="urn:mace:shibboleth:2.0:resolver:ad"
358         sourceAttributeID="eduPersonOrgUnitDN">
359         <resolver:Dependency ref="myLDAP" />
360
361         <resolver:AttributeEncoder xsi:type="SAML1String" xmlns="urn:mace:shibboleth:2.0:attribute:encoder"
362             name="urn:mace:dir:attribute-def:eduPersonOrgUnitDN" />
363
364         <resolver:AttributeEncoder xsi:type="SAML2String" xmlns="urn:mace:shibboleth:2.0:attribute:encoder"
365             name="urn:oid:1.3.6.1.4.1.5923.1.1.1.4" friendlyName="eduPersonOrgUnitDN" />
366     </resolver:AttributeDefinition>
367
368     <resolver:AttributeDefinition id="eduPersonPrimaryAffiliation" xsi:type="Simple" xmlns="urn:mace:shibboleth:2.0:resolver:ad"
369         sourceAttributeID="eduPersonPrimaryAffiliation">
370         <resolver:Dependency ref="myLDAP" />
371
372         <resolver:AttributeEncoder xsi:type="SAML1String" xmlns="urn:mace:shibboleth:2.0:attribute:encoder"
373             name="urn:mace:dir:attribute-def:eduPersonPrimaryAffiliation" />
374
375         <resolver:AttributeEncoder xsi:type="SAML2String" xmlns="urn:mace:shibboleth:2.0:attribute:encoder"
376             name="urn:oid:1.3.6.1.4.1.5923.1.1.1.5" friendlyName="eduPersonPrimaryAffiliation" />
377     </resolver:AttributeDefinition>
378
379     <resolver:AttributeDefinition id="eduPersonPrimaryOrgUnitDN" xsi:type="Simple" xmlns="urn:mace:shibboleth:2.0:resolver:ad"
380         sourceAttributeID="eduPersonPrimaryOrgUnitDN">
381         <resolver:Dependency ref="myLDAP" />
382
383         <resolver:AttributeEncoder xsi:type="SAML1String" xmlns="urn:mace:shibboleth:2.0:attribute:encoder"
384             name="urn:mace:dir:attribute-def:eduPersonPrimaryOrgUnitDN" />
385
386         <resolver:AttributeEncoder xsi:type="SAML2String" xmlns="urn:mace:shibboleth:2.0:attribute:encoder"
387             name="urn:oid:1.3.6.1.4.1.5923.1.1.1.8" friendlyName="eduPersonPrimaryOrgUnitDN" />
388     </resolver:AttributeDefinition>
389
390     <resolver:AttributeDefinition id="eduPersonPrincipalName" xsi:type="Scoped" xmlns="urn:mace:shibboleth:2.0:resolver:ad"
391         scope="example.org" sourceAttributeID="uid">
392         <resolver:Dependency ref="myLDAP" />
393
394         <resolver:AttributeEncoder xsi:type="SAML1ScopedString" xmlns="urn:mace:shibboleth:2.0:attribute:encoder"
395             name="urn:mace:dir:attribute-def:eduPersonPrincipalName" />
396
397         <resolver:AttributeEncoder xsi:type="SAML2ScopedString" xmlns="urn:mace:shibboleth:2.0:attribute:encoder"
398             name="urn:oid:1.3.6.1.4.1.5923.1.1.1.6" friendlyName="eduPersonPrincipalName" />
399     </resolver:AttributeDefinition>
400
401     <resolver:AttributeDefinition id="eduPersonScopedAffiliation" xsi:type="Scoped" xmlns="urn:mace:shibboleth:2.0:resolver:ad"
402         scope="example.org" sourceAttributeID="eduPersonAffiliation">
403         <resolver:Dependency ref="myLDAP" />
404
405         <resolver:AttributeEncoder xsi:type="SAML1ScopedString" xmlns="urn:mace:shibboleth:2.0:attribute:encoder"
406             name="urn:mace:dir:attribute-def:eduPersonScopedAffiliation" />
407
408         <resolver:AttributeEncoder xsi:type="SAML2ScopedString" xmlns="urn:mace:shibboleth:2.0:attribute:encoder"
409             name="urn:oid:1.3.6.1.4.1.5923.1.1.1.9" friendlyName="eduPersonScopedAffiliation" />
410     </resolver:AttributeDefinition>
411         
412     <resolver:AttributeDefinition id="eduPersonTargetedID.old" xsi:type="Scoped" xmlns="urn:mace:shibboleth:2.0:resolver:ad"
413         scope="iay.org.uk" sourceAttributeID="computedID">
414         <resolver:Dependency ref="computedID" />
415
416         <resolver:AttributeEncoder xsi:type="SAML1ScopedString" xmlns="urn:mace:shibboleth:2.0:attribute:encoder"
417             name="urn:mace:dir:attribute-def:eduPersonTargetedID" />
418     </resolver:AttributeDefinition>
419
420     <resolver:AttributeDefinition id="eduPersonTargetedID" xsi:type="SAML2NameID" xmlns="urn:mace:shibboleth:2.0:resolver:ad"
421         nameIdFormat="urn:oasis:names:tc:SAML:2.0:nameid-format:persistent"
422         sourceAttributeID="computedID">
423         <resolver:Dependency ref="computedID" />
424
425         <resolver:AttributeEncoder xsi:type="SAML1XMLObject" xmlns="urn:mace:shibboleth:2.0:attribute:encoder"
426                 name="urn:oid:1.3.6.1.4.1.5923.1.1.1.10" />
427     
428         <resolver:AttributeEncoder xsi:type="SAML2XMLObject" xmlns="urn:mace:shibboleth:2.0:attribute:encoder"
429                 name="urn:oid:1.3.6.1.4.1.5923.1.1.1.10" friendlyName="eduPersonTargetedID" />
430     </resolver:AttributeDefinition>
431     -->
432
433     <!-- Name Identifier related attributes -->
434     <resolver:AttributeDefinition id="transientId" xsi:type="TransientId" xmlns="urn:mace:shibboleth:2.0:resolver:ad">
435         <resolver:AttributeEncoder xsi:type="SAML1StringNameIdentifier" xmlns="urn:mace:shibboleth:2.0:attribute:encoder"
436             nameFormat="urn:mace:shibboleth:1.0:nameIdentifier" />
437             
438         <resolver:AttributeEncoder xsi:type="SAML1StringNameIdentifier" xmlns="urn:mace:shibboleth:2.0:attribute:encoder"
439             nameFormat="urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified" />
440
441         <resolver:AttributeEncoder xsi:type="SAML2StringNameID" xmlns="urn:mace:shibboleth:2.0:attribute:encoder"
442             nameFormat="urn:oasis:names:tc:SAML:2.0:nameid-format:transient" />
443
444         <resolver:AttributeEncoder xsi:type="SAML2StringNameID" xmlns="urn:mace:shibboleth:2.0:attribute:encoder"
445             nameFormat="urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified" />
446     </resolver:AttributeDefinition>
447
448     <!-- ========================================== -->
449     <!--      Data Connectors                       -->
450     <!-- ========================================== -->
451
452     <!-- Example Static Connector -->
453     <!--
454     <resolver:DataConnector id="staticAttributes" xsi:type="Static" xmlns="urn:mace:shibboleth:2.0:resolver:dc">
455         <Attribute id="eduPersonAffiliation">
456             <Value>member</Value>
457         </Attribute>
458         <Attribute id="eduPersonEntitlement">
459             <Value>urn:example.org:entitlement:entitlement1</Value>
460             <Value>urn:mace:dir:entitlement:common-lib-terms</Value>
461         </Attribute>
462     </resolver:DataConnector>
463     -->
464
465     <!-- Example Relational Database Connector -->
466     <!--
467     <resolver:DataConnector id="mySIS" xsi:type="RelationalDatabase" xmlns="urn:mace:shibboleth:2.0:resolver:dc">
468         <ApplicationManagedConnection jdbcDriver="oracle.jdbc.driver.OracleDriver"
469             jdbcURL="jdbc:oracle:thin:@db.example.org:1521:SomeDB" jdbcUserName="myid" jdbcPassword="mypassword" />
470         <QueryTemplate>
471             <![CDATA[
472                 SELECT * FROM student WHERE gzbtpid = $requestContext.principalName
473             ]]>
474         </QueryTemplate>
475
476         <Column columnName="gzbtpid" attributeID="uid" />
477         <Column columnName="fqlft" attributeID="gpa" type="Float" />
478     </resolver:DataConnector>
479      -->
480
481     <!-- Example LDAP Connector -->
482     <!--
483     <resolver:DataConnector id="myLDAP" xsi:type="LDAPDirectory" xmlns="urn:mace:shibboleth:2.0:resolver:dc"
484         ldapURL="ldap://ldap.example.org" baseDN="ou=people,dc=example,dc=org" principal="uid=myservice,ou=system"
485         principalCredential="myServicePassword">
486         <FilterTemplate>
487             <![CDATA[
488                 (uid=$requestContext.principalName)
489             ]]>
490         </FilterTemplate>
491     </resolver:DataConnector>
492     -->
493     
494     <!-- Computed targeted ID connector -->
495     <!--
496     <resolver:DataConnector xsi:type="ComputedId" xmlns="urn:mace:shibboleth:2.0:resolver:dc"
497                             id="computedID"
498                             generatedAttributeID="computedID"
499                             sourceAttributeID="uid"
500                             salt="your random string here">
501         <resolver:Dependency ref="myLDAP" />
502     </resolver:DataConnector> 
503     -->
504
505     <!-- ========================================== -->
506     <!--      Principal Connectors                  -->
507     <!-- ========================================== -->
508     <resolver:PrincipalConnector xsi:type="Transient" xmlns="urn:mace:shibboleth:2.0:resolver:pc" id="shibTransient"
509         nameIDFormat="urn:mace:shibboleth:1.0:nameIdentifier" />
510         
511     <resolver:PrincipalConnector xsi:type="Transient" xmlns="urn:mace:shibboleth:2.0:resolver:pc" id="saml1Unspec"
512         nameIDFormat="urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified" />
513
514     <resolver:PrincipalConnector xsi:type="Transient" xmlns="urn:mace:shibboleth:2.0:resolver:pc" id="saml2Transient"
515         nameIDFormat="urn:oasis:names:tc:SAML:2.0:nameid-format:transient" />
516
517 </AttributeResolver>