Moved example standard directory attributes to ldap resolver example file.
[java-idp.git] / src / conf / resolver.ldap.xml
1 <AttributeResolver xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns="urn:mace:shibboleth:resolver:1.0" xsi:schemaLocation="urn:mace:shibboleth:resolver:1.0 shibboleth-resolver-1.0.xsd">
2         
3         <SimpleAttributeDefinition id="urn:mace:dir:attribute-def:eduPersonEntitlement">
                  <!-- Pattern shared by every active definition in this group: the id is the attribute's URN and
                       the single DataConnectorDependency names the data connector whose id is "directory". -->
                  <!-- NOTE(review): no source attribute name is given, so the directory attribute looked up is
                       presumably derived from the id; confirm against the resolver documentation. -->
                  <!-- NOTE(review): a definition here only makes the attribute resolvable; which service
                       providers receive it is presumably decided by a separate release policy. Verify that
                       policy before enabling authorization-bearing attributes such as eduPersonEntitlement. -->
4                 <DataConnectorDependency requires="directory"/>
5         </SimpleAttributeDefinition>
6         
7         <SimpleAttributeDefinition id="urn:mace:dir:attribute-def:eduPersonAffiliation">
8                 <DataConnectorDependency requires="directory"/>
9         </SimpleAttributeDefinition>
10         
11         <SimpleAttributeDefinition id="urn:mace:dir:attribute-def:eduPersonNickname">
12                 <DataConnectorDependency requires="directory"/>
13         </SimpleAttributeDefinition>
14         
15         <SimpleAttributeDefinition id="urn:mace:dir:attribute-def:eduPersonPrimaryAffiliation">
16                 <DataConnectorDependency requires="directory"/>
17         </SimpleAttributeDefinition>
18         
19         <SimpleAttributeDefinition id="urn:mace:dir:attribute-def:eduPersonPrimaryOrgUnitDN">
20                 <DataConnectorDependency requires="directory"/>
21         </SimpleAttributeDefinition>
22         
23         <SimpleAttributeDefinition id="urn:mace:dir:attribute-def:eduPersonOrgUnitDN">
24                 <DataConnectorDependency requires="directory"/>
25         </SimpleAttributeDefinition>
26         
27         <SimpleAttributeDefinition id="urn:mace:dir:attribute-def:eduPersonOrgDN">
28                 <DataConnectorDependency requires="directory"/>
29         </SimpleAttributeDefinition>
30         
31         
32         <!-- To use these attributes, uncomment them and change the smartScope value (shibdev.edu in the example) to your own site's domain name. -->
33         <!--
34         <SimpleAttributeDefinition id="urn:mace:dir:attribute-def:eduPersonScopedAffiliation" smartScope="shibdev.edu">
35                 <AttributeDependency requires="urn:mace:dir:attribute-def:eduPersonAffiliation"/>
36         </SimpleAttributeDefinition>
37
38         <SimpleAttributeDefinition id="urn:mace:dir:attribute-def:eduPersonPrincipalName" smartScope="shibdev.edu">
39         <DataConnectorDependency requires="directory"/>
40         </SimpleAttributeDefinition>
41         -->
42         
43         
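44         <!-- Example persistent id attribute.  You should change the scope value to match your site's domain 
45                  name.  Since this configuration is permanent, some thought is required before deploying in 
46                  production.  The keystore path, key alias and both passwords in the Salt element are example
                   values: replace them before deploying, and keep the keystore and this file readable only by
                   the account that runs the IdP. -->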
47         <!--
48         <PersistentIDAttributeDefinition id="urn:mace:dir:attribute-def:eduPersonTargetedID" scope="shibdev.edu" sourceName="guid">
49                 <DataConnectorDependency requires="directory"/>
50                 <Salt keyStorePath="/conf/persistent.jks" keyStoreKeyAlias="handleKey" keyStorePassword="shibhs" keyStoreKeyPassword="shibhs"/>
51         </PersistentIDAttributeDefinition>
52         -->
53         
54         
55         <!-- Examples of common LDAP-based attributes.  Uncomment only the ones your deployment needs to resolve. -->
56         <!--
57         <SimpleAttributeDefinition id="urn:mace:dir:attribute-def:cn">
58                 <DataConnectorDependency requires="directory"/>
59         </SimpleAttributeDefinition>
60         
61         <SimpleAttributeDefinition id="urn:mace:dir:attribute-def:sn">
62                 <DataConnectorDependency requires="directory"/>
63         </SimpleAttributeDefinition>
64         
65         <SimpleAttributeDefinition id="urn:mace:dir:attribute-def:telephoneNumber">
66                 <DataConnectorDependency requires="directory"/>
67         </SimpleAttributeDefinition>
68         
69         <SimpleAttributeDefinition id="urn:mace:dir:attribute-def:title">
70                 <DataConnectorDependency requires="directory"/>
71         </SimpleAttributeDefinition>
72         
73         <SimpleAttributeDefinition id="urn:mace:dir:attribute-def:initials">
74                 <DataConnectorDependency requires="directory"/>
75         </SimpleAttributeDefinition>
76         
77         <SimpleAttributeDefinition id="urn:mace:dir:attribute-def:description">
78                 <DataConnectorDependency requires="directory"/>
79         </SimpleAttributeDefinition>
80         
81         <SimpleAttributeDefinition id="urn:mace:dir:attribute-def:carLicense">
82                 <DataConnectorDependency requires="directory"/>
83         </SimpleAttributeDefinition>
84         
85         <SimpleAttributeDefinition id="urn:mace:dir:attribute-def:departmentNumber">
86                 <DataConnectorDependency requires="directory"/>
87         </SimpleAttributeDefinition>
88         
89         <SimpleAttributeDefinition id="urn:mace:dir:attribute-def:displayName">
90                 <DataConnectorDependency requires="directory"/>
91         </SimpleAttributeDefinition>
92         
93         <SimpleAttributeDefinition id="urn:mace:dir:attribute-def:employeeNumber">
94                 <DataConnectorDependency requires="directory"/>
95         </SimpleAttributeDefinition>
96         
97         <SimpleAttributeDefinition id="urn:mace:dir:attribute-def:employeeType">
98                 <DataConnectorDependency requires="directory"/>
99         </SimpleAttributeDefinition>
100         
101         <SimpleAttributeDefinition id="urn:mace:dir:attribute-def:preferredLanguage">
102                 <DataConnectorDependency requires="directory"/>
103         </SimpleAttributeDefinition>
104         
105         <SimpleAttributeDefinition id="urn:mace:dir:attribute-def:manager">
106                 <DataConnectorDependency requires="directory"/>
107         </SimpleAttributeDefinition>
108         
109         <SimpleAttributeDefinition id="urn:mace:dir:attribute-def:roomNumber">
110                 <DataConnectorDependency requires="directory"/>
111         </SimpleAttributeDefinition>
112         
113         <SimpleAttributeDefinition id="urn:mace:dir:attribute-def:seeAlso">
114                 <DataConnectorDependency requires="directory"/>
115         </SimpleAttributeDefinition>
116         
117         <SimpleAttributeDefinition id="urn:mace:dir:attribute-def:facsimileTelephoneNumber">
118                 <DataConnectorDependency requires="directory"/>
119         </SimpleAttributeDefinition>
120         
121         <SimpleAttributeDefinition id="urn:mace:dir:attribute-def:street">
122                 <DataConnectorDependency requires="directory"/>
123         </SimpleAttributeDefinition>
124         
125         <SimpleAttributeDefinition id="urn:mace:dir:attribute-def:postOfficeBox">
126                 <DataConnectorDependency requires="directory"/>
127         </SimpleAttributeDefinition>
128         
129         <SimpleAttributeDefinition id="urn:mace:dir:attribute-def:postalCode">
130                 <DataConnectorDependency requires="directory"/>
131         </SimpleAttributeDefinition>
132         
133         <SimpleAttributeDefinition id="urn:mace:dir:attribute-def:st">
134                 <DataConnectorDependency requires="directory"/>
135         </SimpleAttributeDefinition>
136         
137         <SimpleAttributeDefinition id="urn:mace:dir:attribute-def:givenName">
138                 <DataConnectorDependency requires="directory"/>
139         </SimpleAttributeDefinition>
140         
141         <SimpleAttributeDefinition id="urn:mace:dir:attribute-def:l">
142                 <DataConnectorDependency requires="directory"/>
143         </SimpleAttributeDefinition>
144         
145         <SimpleAttributeDefinition id="urn:mace:dir:attribute-def:businessCategory">
146                 <DataConnectorDependency requires="directory"/>
147         </SimpleAttributeDefinition>
148         
149         <SimpleAttributeDefinition id="urn:mace:dir:attribute-def:ou">
150                 <DataConnectorDependency requires="directory"/>
151         </SimpleAttributeDefinition>
152         
153         <SimpleAttributeDefinition id="urn:mace:dir:attribute-def:physicalDeliveryOfficeName">
154                 <DataConnectorDependency requires="directory"/>
155         </SimpleAttributeDefinition>
156         -->
157
158
159         <JNDIDirectoryDataConnector id="directory">
                    <!-- Data connector with id "directory": the id that the attribute definitions in this file
                         name in DataConnectorDependency requires="directory".  Host, base DN, bind DN and
                         password below are example values and must be replaced before use. -->
                    <!-- The search covers the whole subtree (SUBTREE_SCOPE) under the base DN given in the
                         provider URL.  %PRINCIPAL% looks like a placeholder for the authenticated user's name.
                         NOTE(review): confirm the connector escapes LDAP filter metacharacters when it
                         substitutes that value into the filter. -->
160                 <Search filter="cn=%PRINCIPAL%">
161                         <Controls searchScope="SUBTREE_SCOPE" returningObjects="false" />
162                 </Search>
163                 <Property name="java.naming.factory.initial" value="com.sun.jndi.ldap.LdapCtxFactory" />
                    <!-- Plain ldap:// URL and no java.naming.security.protocol property: the bind DN and password
                         set below are sent to the directory unencrypted.  Prefer an SSL/TLS-protected
                         connection for any bind that carries credentials. -->
164                 <Property name="java.naming.provider.url" value="ldap://ldap.example.edu/dc=example,dc=edu" />
                    <!-- Bind identity.  The example binds as cn=admin; a dedicated read-only account that can see
                         only the attributes being resolved limits the damage if this file is disclosed.  The
                         password is stored in clear text here, so restrict read access to this file. -->
165                 <Property name="java.naming.security.principal" value="cn=admin,dc=example,dc=edu" />
166                 <Property name="java.naming.security.credentials" value="examplepw" />
167         </JNDIDirectoryDataConnector>
168         
169         
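170         <!-- An example of how to do a simple LDAP bind over SSL: the connection goes to port 636 and java.naming.security.protocol is set to ssl.  The directory server's certificate must be trusted by the JVM that runs the IdP. -->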
171         <!-- 
172         <JNDIDirectoryDataConnector id="directorySecure">
173                 <Search filter="cn=%PRINCIPAL%">
174                         <Controls searchScope="SUBTREE_SCOPE" returningObjects="false" />
175                 </Search>
176                 <Property name="java.naming.factory.initial" value="com.sun.jndi.ldap.LdapCtxFactory" />
177                 <Property name="java.naming.provider.url" value="ldap://ldap.example.edu:636/dc=example,dc=edu" />
178                 <Property name="java.naming.security.protocol" value="ssl" />
179                 <Property name="java.naming.security.principal" value="cn=admin,dc=example,dc=edu" />
180                 <Property name="java.naming.security.credentials" value="examplepw" />
181         </JNDIDirectoryDataConnector>
182         -->
183         
184         
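185         <!-- An example of how to set up LDAP with connection pooling.  No bind principal or credentials are set in this example, so the connector would bind anonymously.  In Sun's JNDI LDAP provider the pool.initsize, pool.prefsize, pool.authentication and pool.protocol settings are documented as JVM system properties; confirm they take effect when given as Property elements here. -->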
186         <!-- 
187         <JNDIDirectoryDataConnector id="directoryPooled">
188                 <Search filter="cn=%PRINCIPAL%">
189                         <Controls searchScope="SUBTREE_SCOPE" returningObjects="false" />
190                 </Search>
191                 <Property name="java.naming.factory.initial" value="com.sun.jndi.ldap.LdapCtxFactory" />
192                 <Property name="java.naming.provider.url" value="ldap://ldap.example.edu/dc=example,dc=edu" />
193                 <Property name="com.sun.jndi.ldap.connect.pool" value="true" />
194                 <Property name="com.sun.jndi.ldap.connect.pool.initsize" value="5" />
195                 <Property name="com.sun.jndi.ldap.connect.pool.prefsize" value="5" />
196                 <Property name="com.sun.jndi.ldap.connect.pool.authentication" value="none simple DIGEST-MD5" />
197                 <Property name="com.sun.jndi.ldap.connect.pool.protocol" value="plain ssl" />
198         </JNDIDirectoryDataConnector>
199         -->
200
201 </AttributeResolver>