[java-idp.git] / resources / conf / attribute-resolver.xml
<?xml version="1.0" encoding="UTF-8"?>

<!--
  Attribute resolver configuration. It has three sections: attribute definitions (what is
  released and how it is encoded), data connectors (where attribute values come from) and
  principal connectors (how an incoming name identifier is mapped back to a principal).

  Only the principalName definition and the two principal connectors are active; everything
  else is a commented-out example.

  NOTE(review): the example connectors carry their credentials (jdbcPassword,
  principalCredential) as plain attribute values. Once real values are filled in, this file
  holds secrets in clear text: restrict read access to the account the IdP runs as and keep
  the populated file out of shared version control.
-->
<AttributeResolver xmlns="urn:mace:shibboleth:2.0:resolver"
                   xmlns:resolver="urn:mace:shibboleth:2.0:resolver"
                   xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
                   xmlns:pc="urn:mace:shibboleth:2.0:resolver:pc"
                   xmlns:ad="urn:mace:shibboleth:2.0:resolver:ad"
                       xmlns:dc="urn:mace:shibboleth:2.0:resolver:dc"
                   xmlns:enc="urn:mace:shibboleth:2.0:attribute:encoder"
                       xsi:schemaLocation="urn:mace:shibboleth:2.0:resolver classpath:/schema/shibboleth-2.0-attribute-resolver.xsd
                                       urn:mace:shibboleth:2.0:resolver:pc classpath:/schema/shibboleth-2.0-attribute-resolver-pc.xsd
                                       urn:mace:shibboleth:2.0:resolver:ad classpath:/schema/shibboleth-2.0-attribute-resolver-ad.xsd
                                       urn:mace:shibboleth:2.0:resolver:dc classpath:/schema/shibboleth-2.0-attribute-resolver-dc.xsd
                                       urn:mace:shibboleth:2.0:attribute:encoder classpath:/schema/shibboleth-2.0-attribute-encoder.xsd">

    <!-- ========================================== -->
    <!--      Attribute Definitions                 -->
    <!-- ========================================== -->

    <!--
      Release the principal name as an attribute and encode it as the SAML 1 NameIdentifier
      and the SAML 2 NameID.
      NOTE(review): this is the only attribute definition enabled by default. It puts the raw
      principal name into the name identifier, so every relying party that receives it sees
      the same stable, correlatable value. Whether it is actually released depends on the
      attribute filter policy, which is not part of this file; confirm that the policy limits
      it to the relying parties that need it.
    -->
    <resolver:AttributeDefinition id="principalName" xsi:type="ad:PrincipalName">
        <resolver:AttributeEncoder xsi:type="enc:SAML1StringNameIdentifier"
                                   nameFormat="urn:mace:shibboleth:1.0:nameIdentifier" />

        <resolver:AttributeEncoder xsi:type="enc:SAML2StringNameID"
                                   nameFormat="urn:oasis:names:tc:SAML:2.0:nameid-format:unspecified" />
   </resolver:AttributeDefinition>

    <!-- Example attribute definitions -->
    <!-- Each example below references a data connector by id (myLDAP, staticAttributes);
         the matching connector in the Data Connectors section has to be enabled with it. -->
    <!--
    <resolver:AttributeDefinition id="uid" xsi:type="ad:Simple">
        <resolver:DataConnectorDependency ref="myLDAP" />

        <resolver:AttributeEncoder xsi:type="enc:SAML2StringNameID" />

        <resolver:AttributeEncoder xsi:type="enc:SAML1StringNameIdentifier" />
    </resolver:AttributeDefinition>
    -->

    <!--
    <resolver:AttributeDefinition id="scopedPrimaryAffiliation" xsi:type="ad:Scoped"
                                  scope="example.org"
                                  sourceAttributeID="eduPersonPrimaryAffiliation">
        <resolver:DataConnectorDependency ref="myLDAP" />

        <resolver:AttributeEncoder xsi:type="enc:SAML1ScopedString"
                                   name="urn:mace:dir:attribute-def:eduPersonScopedAffiliation"/>

        <resolver:AttributeEncoder xsi:type="enc:SAML2ScopedString"
                                   name="urn:mace:dir:attribute-def:eduPersonScopedAffiliation"/>

    </resolver:AttributeDefinition>
    -->

    <!-- NOTE(review): the next example uses sourceAttribute, while the scoped example above
         uses sourceAttributeID. Confirm which attribute name the ad schema accepts. -->
    <!--
    <resolver:AttributeDefinition id="affiliation" xsi:type="ad:Simple"
                                   sourceAttribute="eduPersonAffiliation">
        <resolver:DataConnectorDependency ref="staticAttributes" />
        <resolver:DataConnectorDependency ref="myLDAP" />

        <resolver:AttributeEncoder xsi:type="enc:SAML1String"
                                   name="urn:mace:dir:attribute-def:eduPersonAffiliation"/>

        <resolver:AttributeEncoder xsi:type="enc:SAML2String"
                                   name="urn:oid:1.3.6.1.4.1.5923.1.1.1.1"
                                   friendlyName="eduPersonAffiliation"/>
    </resolver:AttributeDefinition>
    -->

    <!--
      Example scripted definition: builds "fullname" from the first givenName and sn values.
      NOTE(review) before enabling:
      - xsi:type="Script" and the <Script> element carry no prefix, so they resolve to the
        default (resolver) namespace, while every other definition type in this file uses the
        ad: prefix. Confirm against the ad schema.
      - The script imports Java packages and presumably runs inside the IdP process, so write
        access to this file amounts to code execution in the IdP. Protect it accordingly.
      - first() is called without checking that givenName and sn hold a value.
    -->
    <!--
    <resolver:AttributeDefinition id="fullName" xsi:type="Script" >
        <resolver:DataConnectorDependency ref="myLDAP" />

        <Script>
            <![CDATA[
                importPackage(Packages.edu.internet2.middleware.shibboleth.common.attribute.provider);
                fullname = new BasicAttribute("fullname");
                fullname.getValues().add(givenName.getValues().first() + " " + sn.getValues().first());
            ]]>
        </Script>
    </resolver:AttributeDefinition>
    -->


    <!-- ========================================== -->
    <!--      Data Connectors                       -->
    <!-- ========================================== -->

    <!-- Example Static Connector -->
    <!-- NOTE(review): the values are fixed in this file rather than looked up per user, so
         presumably every principal resolved through this connector receives them. Only list
         affiliations and entitlements here that all users really hold. -->
    <!--
    <resolver:DataConnector id="staticAttributes" xsi:type="dc:Static">
        <dc:Attribute id="eduPersonAffiliation">
            <dc:Value>member</dc:Value>
        </dc:Attribute>
        <dc:Attribute id="eduPersonEntitlement">
            <dc:Value>urn:example.org:entitlement:entitlement1</dc:Value>
            <dc:Value>urn:mace:dir:entitlement:common-lib-terms</dc:Value>
        </dc:Attribute>
    </resolver:DataConnector>
    -->

    <!-- Example Relational Database Connector -->
    <!--
      NOTE(review) before enabling:
      - ${principal} is substituted into the SQL text of the QueryTemplate. This file does not
        show whether the connector escapes or binds the value; confirm that it does, otherwise
        a principal name containing SQL syntax alters the query.
      - SELECT * returns every column of the row; name only the columns mapped by dc:Column.
      - jdbcPassword is stored in clear text. Use a read-only, least-privilege database
        account and restrict read access to this file.
    -->
    <!--
    <resolver:DataConnector id="mySIS" xsi:type="dc:RelationalDatabase">
        <dc:ApplicationManagedConnection jdbcDriver="oracle.jdbc.driver.OracleDriver"
                                         jdbcUrl="jdbc:oracle:thin:@db.example.org:1521:SomeDB"
                                         jdbcUserName="myid"
                                         jdbcPassword="mypassword" />
        <dc:QueryTemplate>
            <![CDATA[
                 SELECT * FROM student WHERE gzbtpid = ${principal}
             ]]>
        </dc:QueryTemplate>

        <dc:Column columnName="gzbtpid" attributeID="uid"/>
        <dc:Column columnName="fqlft" attributeID="gpa" type="Float"/>
    </resolver:DataConnector>
    -->

    <!-- Example LDAP Connector -->
    <!--
      NOTE(review) before enabling:
      - ldap:// as written is an unencrypted connection: the bind password and the returned
        attributes cross the network in clear text. Use ldaps:// or StartTLS and verify the
        server certificate.
      - ${principal} is substituted into the search filter. Confirm that the connector applies
        LDAP filter escaping, otherwise characters such as * ( ) \ in a principal name change
        the filter.
      - principalCredential is stored in clear text. Bind with a read-only service account and
        restrict read access to this file.
      - xsi:type="LDAPDirectory" has no prefix, unlike dc:Static and dc:RelationalDatabase;
        confirm against the dc schema.
    -->
    <!--
    <resolver:DataConnector id="myLDAP" xsi:type="LDAPDirectory"
                            ldapUrl="ldap://ldap.example.org"
                            baseDN="ou=people,dc=example,dc=org"
                            principal="uid=myservice,ou=system"
                            principalCredential="myServicePassword">
        <dc:FilterTemplate>
            <![CDATA[
                (uid=${principal})
            ]]>
        </dc:FilterTemplate>

    </resolver:DataConnector>
    -->

    <!-- ========================================== -->
    <!--      Principal Connectors                  -->
    <!-- ========================================== -->
    <!--
      One connector per name identifier format: SAML 1 "unspecified" and SAML 2 "unspecified".
      NOTE(review): pc:Direct presumably takes the received identifier value as the principal
      name with no lookup or transformation (verify against the pc schema). If so, a requester
      can name any principal, and protection rests on authenticating the requester and on the
      attribute filter policy, neither of which is configured in this file.
    -->
    <resolver:PrincipalConnector xsi:type="pc:Direct" 
                                 id="saml1UnspecDirect"
                                 nameIDFormat="urn:oasis:names:tc:SAML:1.0:nameid-format:unspecified" />

    <resolver:PrincipalConnector xsi:type="pc:Direct" 
                                 id="saml2UnspecDirect"
                                 nameIDFormat="urn:oasis:names:tc:SAML:2.0:nameid-format:unspecified" />

</AttributeResolver>