Fix typo in example.
[java-idp.git] / resources / conf / attribute-resolver.xml
1 <?xml version="1.0" encoding="UTF-8"?>
2
3 <AttributeResolver xmlns="urn:mace:shibboleth:2.0:resolver"
4                    xmlns:resolver="urn:mace:shibboleth:2.0:resolver"
5                    xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
6                    xmlns:pc="urn:mace:shibboleth:2.0:resolver:pc"
7                    xmlns:ad="urn:mace:shibboleth:2.0:resolver:ad"
8                        xmlns:dc="urn:mace:shibboleth:2.0:resolver:dc"
9                    xmlns:enc="urn:mace:shibboleth:2.0:attribute:encoder"
10                        xsi:schemaLocation="urn:mace:shibboleth:2.0:resolver classpath:/schema/shibboleth-2.0-attribute-resolver.xsd
11                                        urn:mace:shibboleth:2.0:resolver:pc classpath:/schema/shibboleth-2.0-attribute-resolver-pc.xsd
12                                        urn:mace:shibboleth:2.0:resolver:ad classpath:/schema/shibboleth-2.0-attribute-resolver-ad.xsd
13                                        urn:mace:shibboleth:2.0:resolver:dc classpath:/schema/shibboleth-2.0-attribute-resolver-dc.xsd
14                                        urn:mace:shibboleth:2.0:attribute:encoder classpath:/schema/shibboleth-2.0-attribute-encoder.xsd">
15
16     <!-- ========================================== -->
17     <!--      Attribute Definitions                 -->
18     <!-- ========================================== -->
19     
20     <!-- Release the Principal as an attribute and encode it as the SAML 1 and 2 name IDs -->
21     <resolver:AttributeDefinition id="principalName" xsi:type="PrincipalName" xmlns="urn:mace:shibboleth:2.0:resolver:ad">
22         <resolver:AttributeEncoder xsi:type="SAML1StringNameIdentifier" xmlns="urn:mace:shibboleth:2.0:attribute:encoder"
23                                    nameFormat="urn:oasis:names:tc:SAML:1.0:nameid-format:unspecified" />
24                                    
25         <resolver:AttributeEncoder xsi:type="SAML1StringNameIdentifier" xmlns="urn:mace:shibboleth:2.0:attribute:encoder"
26                                    nameFormat="urn:mace:shibboleth:1.0:nameIdentifier" />
27
28         <resolver:AttributeEncoder xsi:type="SAML2StringNameID" xmlns="urn:mace:shibboleth:2.0:attribute:encoder"
29                                    nameFormat="urn:oasis:names:tc:SAML:2.0:nameid-format:unspecified" />
30    </resolver:AttributeDefinition>
31     
32     <!-- Example attribute defintions -->
33     <!--
34     <resolver:AttributeDefinition id="uid" xsi:type="Simple"  xmlns="urn:mace:shibboleth:2.0:resolver:ad">
35         <resolver:Dependency ref="myLDAP" />
36         
37         <resolver:AttributeEncoder xsi:type="SAML2StringNameID" xmlns="urn:mace:shibboleth:2.0:attribute:encoder" />
38         
39         <resolver:AttributeEncoder xsi:type="enc:SAML1StringNameIdentifier" xmlns="urn:mace:shibboleth:2.0:attribute:encoder" />
40     </resolver:AttributeDefinition>
41     -->
42     
43     <!--
44     <resolver:AttributeDefinition id="scopedPrimaryAffiliation" xsi:type="Scoped"  xmlns="urn:mace:shibboleth:2.0:resolver:ad"
45                                   scope="example.org"
46                                   sourceAttributeID="eduPersonPrimaryAffiliation">
47         <resolver:Dependency ref="myLDAP" />
48         
49         <resolver:AttributeEncoder xsi:type="SAML1ScopedString" xmlns="urn:mace:shibboleth:2.0:attribute:encoder"
50                                    name="urn:mace:dir:attribute-def:eduPersonScopedAffiliation"/>
51         
52         <resolver:AttributeEncoder xsi:type="SAML2ScopedString" xmlns="urn:mace:shibboleth:2.0:attribute:encoder"
53                                    name="urn:mace:dir:attribute-def:eduPersonScopedAffiliation"/>
54
55     </resolver:AttributeDefinition>
56     -->
57     
58     <!--
59     <resolver:AttributeDefinition id="affiliation" xsi:type="Simple"  xmlns="urn:mace:shibboleth:2.0:resolver:ad"
60                                    sourceAttributeID="eduPersonAffiliation">
61         <resolver:Dependency ref="staticAttributes" />
62         <resolver:Dependency ref="myLDAP" />
63         
64         <resolver:AttributeEncoder xsi:type="SAML1String" xmlns="urn:mace:shibboleth:2.0:attribute:encoder"
65                                    name="urn:mace:dir:attribute-def:eduPersonAffiliation"/>
66         
67         <resolver:AttributeEncoder xsi:type="SAML2String" xmlns="urn:mace:shibboleth:2.0:attribute:encoder"
68                                    name="urn:oid:1.3.6.1.4.1.5923.1.1.1.1"
69                                    friendlyName="eduPersonAffiliation"/>
70     </resolver:AttributeDefinition>
71     -->
72     
73     <!--
74     <resolver:AttributeDefinition id="fullName" xsi:type="Script" xmlns="urn:mace:shibboleth:2.0:resolver:ad">
75         <resolver:Dependency ref="myLDAP" />
76         
77         <Script>
78             <![CDATA[
79                 importPackage(Packages.edu.internet2.middleware.shibboleth.common.attribute.provider);
80                 fullname = new BasicAttribute("fullname");
81                 fullname.getValues().add(givenName.getValues().first() + " " + sn.getValues().first());
82             ]]>
83         </Script>
84     </resolver:AttributeDefinition>
85     -->
86     
87     
88     <!-- ========================================== -->
89     <!--      Data Connectors                       -->
90     <!-- ========================================== -->
91     
92     <!-- Example Static Connector -->
93     <!--
94     <resolver:DataConnector id="staticAttributes" xsi:type="Static" xmlns="urn:mace:shibboleth:2.0:resolver:dc">
95         <Attribute id="eduPersonAffiliation">
96             <Value>member</Value>
97         </Attribute>
98         <Attribute id="eduPersonEntitlement">
99             <Value>urn:example.org:entitlement:entitlement1</Value>
100             <Value>urn:mace:dir:entitlement:common-lib-terms</Value>
101         </Attribute>
102     </resolver:DataConnector>
103     -->
104     
105     <!-- Example Relational Database Connector -->
106     <!--
107     <resolver:DataConnector id="mySIS" xsi:type="RelationalDatabase" xmlns="urn:mace:shibboleth:2.0:resolver:dc">
108         <ApplicationManagedConnection jdbcDriver="oracle.jdbc.driver.OracleDriver"
109                                       jdbcUrl="jdbc:oracle:thin:@db.example.org:1521:SomeDB"
110                                       jdbcUserName="myid"
111                                       jdbcPassword="mypassword" />
112         <QueryTemplate>
113             <![CDATA[
114                  SELECT * FROM student WHERE gzbtpid = $requestContext.principalName
115              ]]>
116         </QueryTemplate>
117     
118         <Column columnName="gzbtpid" attributeID="uid"/>
119         <Column columnName="fqlft" attributeID="gpa" type="Float"/>
120     </resolver:DataConnector>
121     -->
122     
123     <!-- Example LDAP Connector -->
124     <!--
125     <resolver:DataConnector id="myLDAP" xsi:type="LDAPDirectory" xmlns="urn:mace:shibboleth:2.0:resolver:dc"
126                             ldapUrl="ldap://ldap.example.org"
127                             baseDN="ou=people,dc=example,dc=org"
128                             principal="uid=myservice,ou=system"
129                             principalCredential="myServicePassword">
130         <FilterTemplate>
131             <![CDATA[
132                 (uid=$requestContext.principalName)
133             ]]>
134         </FilterTemplate>
135     
136     </resolver:DataConnector>
137     -->
138     
139     <!-- ========================================== -->
140     <!--      Principal Connectors                  -->
141     <!-- ========================================== -->
142     <resolver:PrincipalConnector xsi:type="Direct" xmlns="urn:mace:shibboleth:2.0:resolver:pc"
143                                  id="saml1UnspecDirect"
144                                  nameIDFormat="urn:oasis:names:tc:SAML:1.0:nameid-format:unspecified" />
145                                  
146     <resolver:PrincipalConnector xsi:type="Direct" xmlns="urn:mace:shibboleth:2.0:resolver:pc"
147                                  id="shibUnspecDirect"
148                                  nameIDFormat="urn:mace:shibboleth:1.0:nameIdentifier" />
149                                  
150     <resolver:PrincipalConnector xsi:type="Direct" xmlns="urn:mace:shibboleth:2.0:resolver:pc"
151                                  id="saml2UnspecDirect"
152                                  nameIDFormat="urn:oasis:names:tc:SAML:2.0:nameid-format:unspecified" />
153
154 </AttributeResolver>