fix typo
[java-idp.git] / resources / conf / attribute-resolver.xml
1 <?xml version="1.0" encoding="UTF-8"?>
2
3 <!-- 
4     This file is an EXAMPLE configuration file.  Deployers should NOT attempt to use this 
5     without modifying it for their environment.  In particular, deployers will need to edit 
6     data connector configurations.
7     
8     Not all attribute definitions, data connectors, or principal connectors are demonstrated.
9     Deployers should refer to the Shibboleth 2 documentation for a complete list of components 
10     and their options.
11 -->
12
13
14 <AttributeResolver xmlns="urn:mace:shibboleth:2.0:resolver" xmlns:resolver="urn:mace:shibboleth:2.0:resolver"
15     xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:pc="urn:mace:shibboleth:2.0:resolver:pc"
16     xmlns:ad="urn:mace:shibboleth:2.0:resolver:ad" xmlns:dc="urn:mace:shibboleth:2.0:resolver:dc"
17     xmlns:enc="urn:mace:shibboleth:2.0:attribute:encoder" xmlns:sec="urn:mace:shibboleth:2.0:security"
18     xsi:schemaLocation="urn:mace:shibboleth:2.0:resolver classpath:/schema/shibboleth-2.0-attribute-resolver.xsd
19                         urn:mace:shibboleth:2.0:resolver:pc classpath:/schema/shibboleth-2.0-attribute-resolver-pc.xsd
20                         urn:mace:shibboleth:2.0:resolver:ad classpath:/schema/shibboleth-2.0-attribute-resolver-ad.xsd
21                         urn:mace:shibboleth:2.0:resolver:dc classpath:/schema/shibboleth-2.0-attribute-resolver-dc.xsd
22                         urn:mace:shibboleth:2.0:attribute:encoder classpath:/schema/shibboleth-2.0-attribute-encoder.xsd
23                         urn:mace:shibboleth:2.0:security classpath:/schema/shibboleth-2.0-security.xsd">
24
25     <!-- ========================================== -->
26     <!--      Attribute Definitions                 -->
27     <!-- ========================================== -->
28
29     <!-- Schema: Core schema attributes-->
30     <resolver:AttributeDefinition id="uid" xsi:type="Simple" xmlns="urn:mace:shibboleth:2.0:resolver:ad"
31         sourceAttributeID="uid">
32         <resolver:Dependency ref="myLDAP" />
33
34         <resolver:AttributeEncoder xsi:type="SAML1String" xmlns="urn:mace:shibboleth:2.0:attribute:encoder"
35             name="urn:mace:dir:attribute-def:uid" />
36
37         <resolver:AttributeEncoder xsi:type="SAML2String" xmlns="urn:mace:shibboleth:2.0:attribute:encoder"
38             name="urn:oid:0.9.2342.19200300.100.1.1" friendlyName="uid" />
39     </resolver:AttributeDefinition>
40
41     <resolver:AttributeDefinition id="mail" xsi:type="Simple" xmlns="urn:mace:shibboleth:2.0:resolver:ad"
42         sourceAttributeID="mail">
43         <resolver:Dependency ref="myLDAP" />
44
45         <resolver:AttributeEncoder xsi:type="SAML1String" xmlns="urn:mace:shibboleth:2.0:attribute:encoder"
46             name="urn:mace:dir:attribute-def:mail" />
47
48         <resolver:AttributeEncoder xsi:type="SAML2String" xmlns="urn:mace:shibboleth:2.0:attribute:encoder"
49             name="urn:oid:0.9.2342.19200300.100.1.3" friendlyName="mail" />
50     </resolver:AttributeDefinition>
51
52     <resolver:AttributeDefinition id="homePhone" xsi:type="Simple" xmlns="urn:mace:shibboleth:2.0:resolver:ad"
53         sourceAttributeID="homePhone">
54         <resolver:Dependency ref="myLDAP" />
55
56         <resolver:AttributeEncoder xsi:type="SAML1String" xmlns="urn:mace:shibboleth:2.0:attribute:encoder"
57             name="urn:mace:dir:attribute-def:homePhone" />
58
59         <resolver:AttributeEncoder xsi:type="SAML2String" xmlns="urn:mace:shibboleth:2.0:attribute:encoder"
60             name="urn:oid:0.9.2342.19200300.100.1.20" friendlyName="homePhone" />
61     </resolver:AttributeDefinition>
62
63     <resolver:AttributeDefinition id="homePostalAddress" xsi:type="Simple" xmlns="urn:mace:shibboleth:2.0:resolver:ad"
64         sourceAttributeID="homePostalAddress">
65         <resolver:Dependency ref="myLDAP" />
66
67         <resolver:AttributeEncoder xsi:type="SAML1String" xmlns="urn:mace:shibboleth:2.0:attribute:encoder"
68             name="urn:mace:dir:attribute-def:homePostalAddress" />
69
70         <resolver:AttributeEncoder xsi:type="SAML2String" xmlns="urn:mace:shibboleth:2.0:attribute:encoder"
71             name="urn:oid:0.9.2342.19200300.100.1.39" friendlyName="homePostalAddress" />
72     </resolver:AttributeDefinition>
73
74     <resolver:AttributeDefinition id="mobile" xsi:type="Simple" xmlns="urn:mace:shibboleth:2.0:resolver:ad"
75         sourceAttributeID="mobile">
76         <resolver:Dependency ref="myLDAP" />
77
78         <resolver:AttributeEncoder xsi:type="SAML1String" xmlns="urn:mace:shibboleth:2.0:attribute:encoder"
79             name="urn:mace:dir:attribute-def:mobile" />
80
81         <resolver:AttributeEncoder xsi:type="SAML2String" xmlns="urn:mace:shibboleth:2.0:attribute:encoder"
82             name="urn:oid:0.9.2342.19200300.100.1.41" friendlyName="mobile" />
83     </resolver:AttributeDefinition>
84
85     <resolver:AttributeDefinition id="pager" xsi:type="Simple" xmlns="urn:mace:shibboleth:2.0:resolver:ad"
86         sourceAttributeID="pager">
87         <resolver:Dependency ref="myLDAP" />
88
89         <resolver:AttributeEncoder xsi:type="SAML1String" xmlns="urn:mace:shibboleth:2.0:attribute:encoder"
90             name="urn:mace:dir:attribute-def:pager" />
91
92         <resolver:AttributeEncoder xsi:type="SAML2String" xmlns="urn:mace:shibboleth:2.0:attribute:encoder"
93             name="urn:oid:0.9.2342.19200300.100.1.42" friendlyName="pager" />
94     </resolver:AttributeDefinition>
95
96     <resolver:AttributeDefinition id="uniqueId" xsi:type="Simple" xmlns="urn:mace:shibboleth:2.0:resolver:ad"
97         sourceAttributeID="uniqueIdentifier">
98         <resolver:Dependency ref="myLDAP" />
99
100         <resolver:AttributeEncoder xsi:type="SAML1String" xmlns="urn:mace:shibboleth:2.0:attribute:encoder"
101             name="urn:mace:dir:attribute-def:uniqueIdentifier" />
102
103         <resolver:AttributeEncoder xsi:type="SAML2String" xmlns="urn:mace:shibboleth:2.0:attribute:encoder"
104             name="urn:oid:0.9.2342.19200300.100.1.44" friendlyName="uniqueIdentifier" />
105     </resolver:AttributeDefinition>
106
107     <resolver:AttributeDefinition id="cn" xsi:type="Simple" xmlns="urn:mace:shibboleth:2.0:resolver:ad"
108         sourceAttributeID="cn">
109         <resolver:Dependency ref="myLDAP" />
110
111         <resolver:AttributeEncoder xsi:type="SAML1String" xmlns="urn:mace:shibboleth:2.0:attribute:encoder"
112             name="urn:mace:dir:attribute-def:cn" />
113
114         <resolver:AttributeEncoder xsi:type="SAML2String" xmlns="urn:mace:shibboleth:2.0:attribute:encoder"
115             name="urn:oid:2.5.4.3" friendlyName="cn" />
116     </resolver:AttributeDefinition>
117
118     <resolver:AttributeDefinition id="surname" xsi:type="Simple" xmlns="urn:mace:shibboleth:2.0:resolver:ad"
119         sourceAttributeID="surname">
120         <resolver:Dependency ref="myLDAP" />
121
122         <resolver:AttributeEncoder xsi:type="SAML1String" xmlns="urn:mace:shibboleth:2.0:attribute:encoder"
123             name="urn:mace:dir:attribute-def:surname" />
124
125         <resolver:AttributeEncoder xsi:type="SAML2String" xmlns="urn:mace:shibboleth:2.0:attribute:encoder"
126             name="urn:oid:2.5.4.4" friendlyName="surname" />
127     </resolver:AttributeDefinition>
128
129     <resolver:AttributeDefinition id="countryName" xsi:type="Simple" xmlns="urn:mace:shibboleth:2.0:resolver:ad"
130         sourceAttributeID="countryName">
131         <resolver:Dependency ref="myLDAP" />
132
133         <resolver:AttributeEncoder xsi:type="SAML1String" xmlns="urn:mace:shibboleth:2.0:attribute:encoder"
134             name="urn:mace:dir:attribute-def:countryName" />
135
136         <resolver:AttributeEncoder xsi:type="SAML2String" xmlns="urn:mace:shibboleth:2.0:attribute:encoder"
137             name="urn:oid:2.5.4.6" friendlyName="countryName" />
138     </resolver:AttributeDefinition>
139
140     <resolver:AttributeDefinition id="localityName" xsi:type="Simple" xmlns="urn:mace:shibboleth:2.0:resolver:ad"
141         sourceAttributeID="localityName">
142         <resolver:Dependency ref="myLDAP" />
143
144         <resolver:AttributeEncoder xsi:type="SAML1String" xmlns="urn:mace:shibboleth:2.0:attribute:encoder"
145             name="urn:mace:dir:attribute-def:localityName" />
146
147         <resolver:AttributeEncoder xsi:type="SAML2String" xmlns="urn:mace:shibboleth:2.0:attribute:encoder"
148             name="urn:oid:2.5.4.7" friendlyName="localityName" />
149     </resolver:AttributeDefinition>
150
151     <resolver:AttributeDefinition id="stateOrProvinceName" xsi:type="Simple" xmlns="urn:mace:shibboleth:2.0:resolver:ad"
152         sourceAttributeID="stateOrProvinceName">
153         <resolver:Dependency ref="myLDAP" />
154
155         <resolver:AttributeEncoder xsi:type="SAML1String" xmlns="urn:mace:shibboleth:2.0:attribute:encoder"
156             name="urn:mace:dir:attribute-def:stateOrProvinceName" />
157
158         <resolver:AttributeEncoder xsi:type="SAML2String" xmlns="urn:mace:shibboleth:2.0:attribute:encoder"
159             name="urn:oid:2.5.4.8" friendlyName="stateOrProvinceName" />
160     </resolver:AttributeDefinition>
161
162     <resolver:AttributeDefinition id="streetAddress" xsi:type="Simple" xmlns="urn:mace:shibboleth:2.0:resolver:ad"
163         sourceAttributeID="streetAddress">
164         <resolver:Dependency ref="myLDAP" />
165
166         <resolver:AttributeEncoder xsi:type="SAML1String" xmlns="urn:mace:shibboleth:2.0:attribute:encoder"
167             name="urn:mace:dir:attribute-def:streetAddress" />
168
169         <resolver:AttributeEncoder xsi:type="SAML2String" xmlns="urn:mace:shibboleth:2.0:attribute:encoder"
170             name="urn:oid:2.5.4.9" friendlyName="streetAddress" />
171     </resolver:AttributeDefinition>
172
173     <resolver:AttributeDefinition id="organizationName" xsi:type="Simple" xmlns="urn:mace:shibboleth:2.0:resolver:ad"
174         sourceAttributeID="organizationName">
175         <resolver:Dependency ref="myLDAP" />
176
177         <resolver:AttributeEncoder xsi:type="SAML1String" xmlns="urn:mace:shibboleth:2.0:attribute:encoder"
178             name="urn:mace:dir:attribute-def:organizationName" />
179
180         <resolver:AttributeEncoder xsi:type="SAML2String" xmlns="urn:mace:shibboleth:2.0:attribute:encoder"
181             name="urn:oid:2.5.4.10" friendlyName="organizationName" />
182     </resolver:AttributeDefinition>
183
184     <resolver:AttributeDefinition id="organizationalUnitName" xsi:type="Simple"
185         xmlns="urn:mace:shibboleth:2.0:resolver:ad" sourceAttributeID="organizationalUnitName">
186         <resolver:Dependency ref="myLDAP" />
187
188         <resolver:AttributeEncoder xsi:type="SAML1String" xmlns="urn:mace:shibboleth:2.0:attribute:encoder"
189             name="urn:mace:dir:attribute-def:organizationalUnitName" />
190
191         <resolver:AttributeEncoder xsi:type="SAML2String" xmlns="urn:mace:shibboleth:2.0:attribute:encoder"
192             name="urn:oid:2.5.4.11" friendlyName="organizationalUnitName" />
193     </resolver:AttributeDefinition>
194
195     <resolver:AttributeDefinition id="title" xsi:type="Simple" xmlns="urn:mace:shibboleth:2.0:resolver:ad"
196         sourceAttributeID="title">
197         <resolver:Dependency ref="myLDAP" />
198
199         <resolver:AttributeEncoder xsi:type="SAML1String" xmlns="urn:mace:shibboleth:2.0:attribute:encoder"
200             name="urn:mace:dir:attribute-def:title" />
201
202         <resolver:AttributeEncoder xsi:type="SAML2String" xmlns="urn:mace:shibboleth:2.0:attribute:encoder"
203             name="urn:oid:2.5.4.12" friendlyName="title" />
204     </resolver:AttributeDefinition>
205
206     <resolver:AttributeDefinition id="postalAddress" xsi:type="Simple" xmlns="urn:mace:shibboleth:2.0:resolver:ad"
207         sourceAttributeID="postalAddress">
208         <resolver:Dependency ref="myLDAP" />
209
210         <resolver:AttributeEncoder xsi:type="SAML1String" xmlns="urn:mace:shibboleth:2.0:attribute:encoder"
211             name="urn:mace:dir:attribute-def:postalAddress" />
212
213         <resolver:AttributeEncoder xsi:type="SAML2String" xmlns="urn:mace:shibboleth:2.0:attribute:encoder"
214             name="urn:oid:2.5.4.16" friendlyName="postalAddress" />
215     </resolver:AttributeDefinition>
216
217     <resolver:AttributeDefinition id="postalCode" xsi:type="Simple" xmlns="urn:mace:shibboleth:2.0:resolver:ad"
218         sourceAttributeID="postalCode">
219         <resolver:Dependency ref="myLDAP" />
220
221         <resolver:AttributeEncoder xsi:type="SAML1String" xmlns="urn:mace:shibboleth:2.0:attribute:encoder"
222             name="urn:mace:dir:attribute-def:postalCode" />
223
224         <resolver:AttributeEncoder xsi:type="SAML2String" xmlns="urn:mace:shibboleth:2.0:attribute:encoder"
225             name="urn:oid:2.5.4.17" friendlyName="postalCode" />
226     </resolver:AttributeDefinition>
227
228     <resolver:AttributeDefinition id="postOfficeBox" xsi:type="Simple" xmlns="urn:mace:shibboleth:2.0:resolver:ad"
229         sourceAttributeID="postOfficeBox">
230         <resolver:Dependency ref="myLDAP" />
231
232         <resolver:AttributeEncoder xsi:type="SAML1String" xmlns="urn:mace:shibboleth:2.0:attribute:encoder"
233             name="urn:mace:dir:attribute-def:postOfficeBox" />
234
235         <resolver:AttributeEncoder xsi:type="SAML2String" xmlns="urn:mace:shibboleth:2.0:attribute:encoder"
236             name="urn:oid:2.5.4.18" friendlyName="postOfficeBox" />
237     </resolver:AttributeDefinition>
238
239     <resolver:AttributeDefinition id="telephoneNumber" xsi:type="Simple" xmlns="urn:mace:shibboleth:2.0:resolver:ad"
240         sourceAttributeID="telephoneNumber">
241         <resolver:Dependency ref="myLDAP" />
242
243         <resolver:AttributeEncoder xsi:type="SAML1String" xmlns="urn:mace:shibboleth:2.0:attribute:encoder"
244             name="urn:mace:dir:attribute-def:telephoneNumber" />
245
246         <resolver:AttributeEncoder xsi:type="SAML2String" xmlns="urn:mace:shibboleth:2.0:attribute:encoder"
247             name="urn:oid:2.5.4.20" friendlyName="telephoneNumber" />
248     </resolver:AttributeDefinition>
249
250     <resolver:AttributeDefinition id="member" xsi:type="Simple" xmlns="urn:mace:shibboleth:2.0:resolver:ad"
251         sourceAttributeID="member">
252         <resolver:Dependency ref="myLDAP" />
253
254         <resolver:AttributeEncoder xsi:type="SAML1String" xmlns="urn:mace:shibboleth:2.0:attribute:encoder"
255             name="urn:mace:dir:attribute-def:member" />
256
257         <resolver:AttributeEncoder xsi:type="SAML2String" xmlns="urn:mace:shibboleth:2.0:attribute:encoder"
258             name="urn:oid:2.5.4.31" friendlyName="member" />
259     </resolver:AttributeDefinition>
260
261     <resolver:AttributeDefinition id="name" xsi:type="Simple" xmlns="urn:mace:shibboleth:2.0:resolver:ad"
262         sourceAttributeID="name">
263         <resolver:Dependency ref="myLDAP" />
264
265         <resolver:AttributeEncoder xsi:type="SAML1String" xmlns="urn:mace:shibboleth:2.0:attribute:encoder"
266             name="urn:mace:dir:attribute-def:name" />
267
268         <resolver:AttributeEncoder xsi:type="SAML2String" xmlns="urn:mace:shibboleth:2.0:attribute:encoder"
269             name="urn:oid:2.5.4.41" friendlyName="name" />
270     </resolver:AttributeDefinition>
271
272     <resolver:AttributeDefinition id="givenName" xsi:type="Simple" xmlns="urn:mace:shibboleth:2.0:resolver:ad"
273         sourceAttributeID="givenName">
274         <resolver:Dependency ref="myLDAP" />
275
276         <resolver:AttributeEncoder xsi:type="SAML1String" xmlns="urn:mace:shibboleth:2.0:attribute:encoder"
277             name="urn:mace:dir:attribute-def:givenName" />
278
279         <resolver:AttributeEncoder xsi:type="SAML2String" xmlns="urn:mace:shibboleth:2.0:attribute:encoder"
280             name="urn:oid:2.5.4.42" friendlyName="givenName" />
281     </resolver:AttributeDefinition>
282
283     <resolver:AttributeDefinition id="initials" xsi:type="Simple" xmlns="urn:mace:shibboleth:2.0:resolver:ad"
284         sourceAttributeID="initials">
285         <resolver:Dependency ref="myLDAP" />
286
287         <resolver:AttributeEncoder xsi:type="SAML1String" xmlns="urn:mace:shibboleth:2.0:attribute:encoder"
288             name="urn:mace:dir:attribute-def:initials" />
289
290         <resolver:AttributeEncoder xsi:type="SAML2String" xmlns="urn:mace:shibboleth:2.0:attribute:encoder"
291             name="urn:oid:2.5.4.43" friendlyName="initials" />
292     </resolver:AttributeDefinition>
293
294     <resolver:AttributeDefinition id="distinguishedName" xsi:type="Simple" xmlns="urn:mace:shibboleth:2.0:resolver:ad"
295         sourceAttributeID="distinguishedName">
296         <resolver:Dependency ref="myLDAP" />
297
298         <resolver:AttributeEncoder xsi:type="SAML1String" xmlns="urn:mace:shibboleth:2.0:attribute:encoder"
299             name="urn:mace:dir:attribute-def:distinguishedName" />
300
301         <resolver:AttributeEncoder xsi:type="SAML2String" xmlns="urn:mace:shibboleth:2.0:attribute:encoder"
302             name="urn:oid:2.5.4.49" friendlyName="distinguishedName" />
303     </resolver:AttributeDefinition>
304
305     <!-- Schema: inetOrgPerson attributes-->
306     <resolver:AttributeDefinition id="departmentNumber" xsi:type="Simple" xmlns="urn:mace:shibboleth:2.0:resolver:ad"
307         sourceAttributeID="departmentNumber">
308         <resolver:Dependency ref="myLDAP" />
309
310         <resolver:AttributeEncoder xsi:type="SAML1String" xmlns="urn:mace:shibboleth:2.0:attribute:encoder"
311             name="urn:mace:dir:attribute-def:departmentNumber" />
312
313         <resolver:AttributeEncoder xsi:type="SAML2String" xmlns="urn:mace:shibboleth:2.0:attribute:encoder"
314             name="urn:oid:2.16.840.1.113730.3.1.2" friendlyName="departmentNumber" />
315     </resolver:AttributeDefinition>
316
317     <resolver:AttributeDefinition id="employeeNumber" xsi:type="Simple" xmlns="urn:mace:shibboleth:2.0:resolver:ad"
318         sourceAttributeID="employeeNumber">
319         <resolver:Dependency ref="myLDAP" />
320
321         <resolver:AttributeEncoder xsi:type="SAML1String" xmlns="urn:mace:shibboleth:2.0:attribute:encoder"
322             name="urn:mace:dir:attribute-def:employeeNumber" />
323
324         <resolver:AttributeEncoder xsi:type="SAML2String" xmlns="urn:mace:shibboleth:2.0:attribute:encoder"
325             name="urn:oid:2.16.840.1.113730.3.1.3" friendlyName="employeeNumber" />
326     </resolver:AttributeDefinition>
327
328     <resolver:AttributeDefinition id="employeeType" xsi:type="Simple" xmlns="urn:mace:shibboleth:2.0:resolver:ad"
329         sourceAttributeID="employeeType">
330         <resolver:Dependency ref="myLDAP" />
331
332         <resolver:AttributeEncoder xsi:type="SAML1String" xmlns="urn:mace:shibboleth:2.0:attribute:encoder"
333             name="urn:mace:dir:attribute-def:employeeType" />
334
335         <resolver:AttributeEncoder xsi:type="SAML2String" xmlns="urn:mace:shibboleth:2.0:attribute:encoder"
336             name="urn:oid:2.16.840.1.113730.3.1.4" friendlyName="employeeType" />
337     </resolver:AttributeDefinition>
338
339     <resolver:AttributeDefinition id="jpegPhoto" xsi:type="Simple" xmlns="urn:mace:shibboleth:2.0:resolver:ad"
340         sourceAttributeID="jpegPhoto">
341         <resolver:Dependency ref="myLDAP" />
342
343         <resolver:AttributeEncoder xsi:type="SAML1Base64" xmlns="urn:mace:shibboleth:2.0:attribute:encoder"
344             name="urn:mace:dir:attribute-def:jpegPhoto" />
345
346         <resolver:AttributeEncoder xsi:type="SAML2Base64" xmlns="urn:mace:shibboleth:2.0:attribute:encoder"
347             name="urn:oid:0.9.2342.19200300.100.1.60" friendlyName="jpegPhoto" />
348     </resolver:AttributeDefinition>
349
350     <resolver:AttributeDefinition id="preferredLanguage" xsi:type="Simple" xmlns="urn:mace:shibboleth:2.0:resolver:ad"
351         sourceAttributeID="preferredLanguage">
352         <resolver:Dependency ref="myLDAP" />
353
354         <resolver:AttributeEncoder xsi:type="SAML1String" xmlns="urn:mace:shibboleth:2.0:attribute:encoder"
355             name="urn:mace:dir:attribute-def:preferredLanguage" />
356
357         <resolver:AttributeEncoder xsi:type="SAML2String" xmlns="urn:mace:shibboleth:2.0:attribute:encoder"
358             name="urn:oid:2.16.840.1.113730.3.1.39" friendlyName="preferredLanguage" />
359     </resolver:AttributeDefinition>
360
361     <!-- Schema: eduPerson attributes-->
362     <resolver:AttributeDefinition id="affiliation" xsi:type="Simple" xmlns="urn:mace:shibboleth:2.0:resolver:ad"
363         sourceAttributeID="eduPersonAffiliation">
364         <resolver:Dependency ref="staticAttributes" />
365         <resolver:Dependency ref="myLDAP" />
366
367         <resolver:AttributeEncoder xsi:type="SAML1String" xmlns="urn:mace:shibboleth:2.0:attribute:encoder"
368             name="urn:mace:dir:attribute-def:eduPersonAffiliation" />
369
370         <resolver:AttributeEncoder xsi:type="SAML2String" xmlns="urn:mace:shibboleth:2.0:attribute:encoder"
371             name="urn:oid:1.3.6.1.4.1.5923.1.1.1.1" friendlyName="eduPersonAffiliation" />
372     </resolver:AttributeDefinition>
373
374     <resolver:AttributeDefinition id="entitlement" xsi:type="Simple" xmlns="urn:mace:shibboleth:2.0:resolver:ad"
375         sourceAttributeID="eduPersonEntitlement">
376         <resolver:Dependency ref="myLDAP" />
377
378         <resolver:AttributeEncoder xsi:type="SAML1String" xmlns="urn:mace:shibboleth:2.0:attribute:encoder"
379             name="urn:mace:dir:attribute-def:eduPersonEntitlement" />
380
381         <resolver:AttributeEncoder xsi:type="SAML2String" xmlns="urn:mace:shibboleth:2.0:attribute:encoder"
382             name="urn:oid:1.3.6.1.4.1.5923.1.1.1.7" friendlyName="eduPersonEntitlement" />
383     </resolver:AttributeDefinition>
384
385     <resolver:AttributeDefinition id="nickname" xsi:type="Simple" xmlns="urn:mace:shibboleth:2.0:resolver:ad"
386         sourceAttributeID="eduPersonNickname">
387         <resolver:Dependency ref="myLDAP" />
388
389         <resolver:AttributeEncoder xsi:type="SAML1String" xmlns="urn:mace:shibboleth:2.0:attribute:encoder"
390             name="urn:mace:dir:attribute-def:eduPersonNickname" />
391
392         <resolver:AttributeEncoder xsi:type="SAML2String" xmlns="urn:mace:shibboleth:2.0:attribute:encoder"
393             name="urn:oid:1.3.6.1.4.1.5923.1.1.1.2" friendlyName="eduPersonNickname" />
394     </resolver:AttributeDefinition>
395
396     <resolver:AttributeDefinition id="orgDN" xsi:type="Simple" xmlns="urn:mace:shibboleth:2.0:resolver:ad"
397         sourceAttributeID="eduPersonOrgDN">
398         <resolver:Dependency ref="myLDAP" />
399
400         <resolver:AttributeEncoder xsi:type="SAML1String" xmlns="urn:mace:shibboleth:2.0:attribute:encoder"
401             name="urn:mace:dir:attribute-def:eduPersonOrgDN" />
402
403         <resolver:AttributeEncoder xsi:type="SAML2String" xmlns="urn:mace:shibboleth:2.0:attribute:encoder"
404             name="urn:oid:1.3.6.1.4.1.5923.1.1.1.3" friendlyName="eduPersonOrgDN" />
405     </resolver:AttributeDefinition>
406
407     <resolver:AttributeDefinition id="orgUnitDN" xsi:type="Simple" xmlns="urn:mace:shibboleth:2.0:resolver:ad"
408         sourceAttributeID="eduPersonOrgUnitDN">
409         <resolver:Dependency ref="myLDAP" />
410
411         <resolver:AttributeEncoder xsi:type="SAML1String" xmlns="urn:mace:shibboleth:2.0:attribute:encoder"
412             name="urn:mace:dir:attribute-def:eduPersonOrgUnitDN" />
413
414         <resolver:AttributeEncoder xsi:type="SAML2String" xmlns="urn:mace:shibboleth:2.0:attribute:encoder"
415             name="urn:oid:1.3.6.1.4.1.5923.1.1.1.4" friendlyName="eduPersonOrgUnitDN" />
416     </resolver:AttributeDefinition>
417
418     <resolver:AttributeDefinition id="primaryAffiliation" xsi:type="Simple" xmlns="urn:mace:shibboleth:2.0:resolver:ad"
419         sourceAttributeID="eduPersonPrimaryAffiliation">
420         <resolver:Dependency ref="myLDAP" />
421
422         <resolver:AttributeEncoder xsi:type="SAML1String" xmlns="urn:mace:shibboleth:2.0:attribute:encoder"
423             name="urn:mace:dir:attribute-def:eduPersonPrimaryAffiliation" />
424
425         <resolver:AttributeEncoder xsi:type="SAML2String" xmlns="urn:mace:shibboleth:2.0:attribute:encoder"
426             name="urn:oid:1.3.6.1.4.1.5923.1.1.1.5" friendlyName="eduPersonPrimaryAffiliation" />
427     </resolver:AttributeDefinition>
428
429     <resolver:AttributeDefinition id="primaryOrgUnitDN" xsi:type="Simple" xmlns="urn:mace:shibboleth:2.0:resolver:ad"
430         sourceAttributeID="eduPersonPrimaryOrgUnitDN">
431         <resolver:Dependency ref="myLDAP" />
432
433         <resolver:AttributeEncoder xsi:type="SAML1String" xmlns="urn:mace:shibboleth:2.0:attribute:encoder"
434             name="urn:mace:dir:attribute-def:eduPersonPrimaryOrgUnitDN" />
435
436         <resolver:AttributeEncoder xsi:type="SAML2String" xmlns="urn:mace:shibboleth:2.0:attribute:encoder"
437             name="urn:oid:1.3.6.1.4.1.5923.1.1.1.8" friendlyName="eduPersonPrimaryOrgUnitDN" />
438     </resolver:AttributeDefinition>
439
440     <resolver:AttributeDefinition id="principalName" xsi:type="Scoped" xmlns="urn:mace:shibboleth:2.0:resolver:ad"
441         scope="example.org" sourceAttributeID="eduPersonPrincipalName">
442         <resolver:Dependency ref="myLDAP" />
443
444         <resolver:AttributeEncoder xsi:type="SAML1ScopedString" xmlns="urn:mace:shibboleth:2.0:attribute:encoder"
445             name="urn:mace:dir:attribute-def:eduPersonPrincipalName" />
446
447         <resolver:AttributeEncoder xsi:type="SAML2ScopedString" xmlns="urn:mace:shibboleth:2.0:attribute:encoder"
448             name="urn:oid:1.3.6.1.4.1.5923.1.1.1.6" friendlyName="eduPersonPrincipalName" />
449     </resolver:AttributeDefinition>
450
451     <resolver:AttributeDefinition id="scopedAffiliation" xsi:type="Scoped" xmlns="urn:mace:shibboleth:2.0:resolver:ad"
452         scope="example.org" sourceAttributeID="eduPersonAffiliation">
453         <resolver:Dependency ref="myLDAP" />
454
455         <resolver:AttributeEncoder xsi:type="SAML1ScopedString" xmlns="urn:mace:shibboleth:2.0:attribute:encoder"
456             name="urn:mace:dir:attribute-def:eduPersonScopedAffiliation" />
457
458         <resolver:AttributeEncoder xsi:type="SAML2ScopedString" xmlns="urn:mace:shibboleth:2.0:attribute:encoder"
459             name="urn:oid:1.3.6.1.4.1.5923.1.1.1.9" friendlyName="eduPersonScopedAffiliation" />
460     </resolver:AttributeDefinition>
461
462     <resolver:AttributeDefinition id="targetedID" xsi:type="Simple" xmlns="urn:mace:shibboleth:2.0:resolver:ad"
463         sourceAttributeID="eduPersonTargetedID">
464         <resolver:Dependency ref="myLDAP" />
465
466         <resolver:AttributeEncoder xsi:type="SAML1String" xmlns="urn:mace:shibboleth:2.0:attribute:encoder"
467             name="urn:mace:dir:attribute-def:eduPersonTargetedID" />
468
469         <resolver:AttributeEncoder xsi:type="SAML2String" xmlns="urn:mace:shibboleth:2.0:attribute:encoder"
470             name="urn:oid:1.3.6.1.4.1.5923.1.1.1.10" friendlyName="eduPersonTargetedID" />
471     </resolver:AttributeDefinition>
472
473
474     <!-- Name Identifier related attributes -->
475     <resolver:AttributeDefinition id="transientId" xsi:type="TransientId" xmlns="urn:mace:shibboleth:2.0:resolver:ad">
476         <resolver:AttributeEncoder xsi:type="SAML1StringNameIdentifier"
477             xmlns="urn:mace:shibboleth:2.0:attribute:encoder" nameFormat="urn:mace:shibboleth:1.0:nameIdentifier" />
478
479         <resolver:AttributeEncoder xsi:type="SAML2StringNameID" xmlns="urn:mace:shibboleth:2.0:attribute:encoder"
480             nameFormat="urn:oasis:names:tc:SAML:2.0:nameid-format:transient" />
481     </resolver:AttributeDefinition>
482
483     <!-- ========================================== -->
484     <!--      Data Connectors                       -->
485     <!-- ========================================== -->
486
487     <!-- Example Static Connector -->
488     <resolver:DataConnector id="staticAttributes" xsi:type="Static" xmlns="urn:mace:shibboleth:2.0:resolver:dc">
489         <Attribute id="eduPersonAffiliation">
490             <Value>member</Value>
491         </Attribute>
492         <Attribute id="eduPersonEntitlement">
493             <Value>urn:example.org:entitlement:entitlement1</Value>
494             <Value>urn:mace:dir:entitlement:common-lib-terms</Value>
495         </Attribute>
496     </resolver:DataConnector>
497
498     <!-- Example Relational Database Connector -->
499     <resolver:DataConnector id="mySIS" xsi:type="RelationalDatabase" xmlns="urn:mace:shibboleth:2.0:resolver:dc"
500         validationQuery="SELECT 1 FROM DUAL">
501         <ApplicationManagedConnection jdbcDriver="oracle.jdbc.driver.OracleDriver"
502             jdbcURL="jdbc:oracle:thin:@db.example.org:1521:SomeDB" jdbcUserName="myid" jdbcPassword="mypassword" />
503         <QueryTemplate>
504             <![CDATA[
505                 SELECT * FROM student WHERE gzbtpid = $requestContext.principalName
506             ]]>
507         </QueryTemplate>
508
509         <Column columnName="gzbtpid" attributeID="uid" />
510         <Column columnName="fqlft" attributeID="gpa" type="Float" />
511     </resolver:DataConnector>
512
513     <!-- Example LDAP Connector -->
514     <resolver:DataConnector id="myLDAP" xsi:type="LDAPDirectory" xmlns="urn:mace:shibboleth:2.0:resolver:dc"
515         ldapUrl="ldap://ldap.example.org" baseDN="ou=people,dc=example,dc=org" principal="uid=myservice,ou=system"
516         principalCredential="myServicePassword">
517         <FilterTemplate>
518             <![CDATA[
519                 (uid=$requestContext.principalName)
520             ]]>
521         </FilterTemplate>
522
523     </resolver:DataConnector>
524
525     <!-- ========================================== -->
526     <!--      Principal Connectors                  -->
527     <!-- ========================================== -->
528     <resolver:PrincipalConnector xsi:type="Transient" xmlns="urn:mace:shibboleth:2.0:resolver:pc" id="shibTransient"
529         nameIDFormat="urn:mace:shibboleth:1.0:nameIdentifier" />
530
531     <resolver:PrincipalConnector xsi:type="Transient" xmlns="urn:mace:shibboleth:2.0:resolver:pc" id="saml2Transient"
532         nameIDFormat="urn:oasis:names:tc:SAML:2.0:nameid-format:transient" />
533
534 </AttributeResolver>