Implement config wiring changes related to artifact map and JOST-110:
[java-idp.git] / src / installer / resources / conf-tmpl / attribute-resolver.xml
1 <?xml version="1.0" encoding="UTF-8"?>
2
3 <!-- 
4     This file is an EXAMPLE configuration file.  While the configuration presented in this 
5     example file is functional, it isn't very interesting.  However, there are lots of example
6     attributes, encoders, and a couple example data connectors.
7     
8     Not all attribute definitions, data connectors, or principal connectors are demonstrated.
9     Deployers should refer to the Shibboleth 2 documentation for a complete list of components 
10     and their options.
11 -->
12
13
14 <AttributeResolver xmlns="urn:mace:shibboleth:2.0:resolver" xmlns:resolver="urn:mace:shibboleth:2.0:resolver"
15                    xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:pc="urn:mace:shibboleth:2.0:resolver:pc"
16                    xmlns:ad="urn:mace:shibboleth:2.0:resolver:ad" xmlns:dc="urn:mace:shibboleth:2.0:resolver:dc"
17                    xmlns:enc="urn:mace:shibboleth:2.0:attribute:encoder" xmlns:sec="urn:mace:shibboleth:2.0:security"
18                    xsi:schemaLocation="urn:mace:shibboleth:2.0:resolver classpath:/schema/shibboleth-2.0-attribute-resolver.xsd
19                                        urn:mace:shibboleth:2.0:resolver:pc classpath:/schema/shibboleth-2.0-attribute-resolver-pc.xsd
20                                        urn:mace:shibboleth:2.0:resolver:ad classpath:/schema/shibboleth-2.0-attribute-resolver-ad.xsd
21                                        urn:mace:shibboleth:2.0:resolver:dc classpath:/schema/shibboleth-2.0-attribute-resolver-dc.xsd
22                                        urn:mace:shibboleth:2.0:attribute:encoder classpath:/schema/shibboleth-2.0-attribute-encoder.xsd
23                                        urn:mace:shibboleth:2.0:security classpath:/schema/shibboleth-2.0-security.xsd">
24
25     <!-- ========================================== -->
26     <!--      Attribute Definitions                 -->
27     <!-- ========================================== -->
28
29     <!-- Schema: Core schema attributes-->
30     <!--
31     <resolver:AttributeDefinition id="uid" xsi:type="Simple" xmlns="urn:mace:shibboleth:2.0:resolver:ad"
32         sourceAttributeID="uid">
33         <resolver:Dependency ref="myLDAP" />
34
35         <resolver:AttributeEncoder xsi:type="SAML1String" xmlns="urn:mace:shibboleth:2.0:attribute:encoder"
36             name="urn:mace:dir:attribute-def:uid" />
37
38         <resolver:AttributeEncoder xsi:type="SAML2String" xmlns="urn:mace:shibboleth:2.0:attribute:encoder"
39             name="urn:oid:0.9.2342.19200300.100.1.1" friendlyName="uid" />
40     </resolver:AttributeDefinition>
41
42     <resolver:AttributeDefinition id="email" xsi:type="Simple" xmlns="urn:mace:shibboleth:2.0:resolver:ad"
43         sourceAttributeID="mail">
44         <resolver:Dependency ref="myLDAP" />
45
46         <resolver:AttributeEncoder xsi:type="SAML1String" xmlns="urn:mace:shibboleth:2.0:attribute:encoder"
47             name="urn:mace:dir:attribute-def:mail" />
48
49         <resolver:AttributeEncoder xsi:type="SAML2String" xmlns="urn:mace:shibboleth:2.0:attribute:encoder"
50             name="urn:oid:0.9.2342.19200300.100.1.3" friendlyName="mail" />
51     </resolver:AttributeDefinition>
52
53     <resolver:AttributeDefinition id="homePhone" xsi:type="Simple" xmlns="urn:mace:shibboleth:2.0:resolver:ad"
54         sourceAttributeID="homePhone">
55         <resolver:Dependency ref="myLDAP" />
56
57         <resolver:AttributeEncoder xsi:type="SAML1String" xmlns="urn:mace:shibboleth:2.0:attribute:encoder"
58             name="urn:mace:dir:attribute-def:homePhone" />
59
60         <resolver:AttributeEncoder xsi:type="SAML2String" xmlns="urn:mace:shibboleth:2.0:attribute:encoder"
61             name="urn:oid:0.9.2342.19200300.100.1.20" friendlyName="homePhone" />
62     </resolver:AttributeDefinition>
63
64     <resolver:AttributeDefinition id="homePostalAddress" xsi:type="Simple" xmlns="urn:mace:shibboleth:2.0:resolver:ad"
65         sourceAttributeID="homePostalAddress">
66         <resolver:Dependency ref="myLDAP" />
67
68         <resolver:AttributeEncoder xsi:type="SAML1String" xmlns="urn:mace:shibboleth:2.0:attribute:encoder"
69             name="urn:mace:dir:attribute-def:homePostalAddress" />
70
71         <resolver:AttributeEncoder xsi:type="SAML2String" xmlns="urn:mace:shibboleth:2.0:attribute:encoder"
72             name="urn:oid:0.9.2342.19200300.100.1.39" friendlyName="homePostalAddress" />
73     </resolver:AttributeDefinition>
74
75     <resolver:AttributeDefinition id="mobileNumber" xsi:type="Simple" xmlns="urn:mace:shibboleth:2.0:resolver:ad"
76         sourceAttributeID="mobile">
77         <resolver:Dependency ref="myLDAP" />
78
79         <resolver:AttributeEncoder xsi:type="SAML1String" xmlns="urn:mace:shibboleth:2.0:attribute:encoder"
80             name="urn:mace:dir:attribute-def:mobile" />
81
82         <resolver:AttributeEncoder xsi:type="SAML2String" xmlns="urn:mace:shibboleth:2.0:attribute:encoder"
83             name="urn:oid:0.9.2342.19200300.100.1.41" friendlyName="mobile" />
84     </resolver:AttributeDefinition>
85
86     <resolver:AttributeDefinition id="pagerNumber" xsi:type="Simple" xmlns="urn:mace:shibboleth:2.0:resolver:ad"
87         sourceAttributeID="pager">
88         <resolver:Dependency ref="myLDAP" />
89
90         <resolver:AttributeEncoder xsi:type="SAML1String" xmlns="urn:mace:shibboleth:2.0:attribute:encoder"
91             name="urn:mace:dir:attribute-def:pager" />
92
93         <resolver:AttributeEncoder xsi:type="SAML2String" xmlns="urn:mace:shibboleth:2.0:attribute:encoder"
94             name="urn:oid:0.9.2342.19200300.100.1.42" friendlyName="pager" />
95     </resolver:AttributeDefinition>
96
97     <resolver:AttributeDefinition id="commonName" xsi:type="Simple" xmlns="urn:mace:shibboleth:2.0:resolver:ad"
98         sourceAttributeID="cn">
99         <resolver:Dependency ref="myLDAP" />
100
101         <resolver:AttributeEncoder xsi:type="SAML1String" xmlns="urn:mace:shibboleth:2.0:attribute:encoder"
102             name="urn:mace:dir:attribute-def:cn" />
103
104         <resolver:AttributeEncoder xsi:type="SAML2String" xmlns="urn:mace:shibboleth:2.0:attribute:encoder"
105             name="urn:oid:2.5.4.3" friendlyName="cn" />
106     </resolver:AttributeDefinition>
107
108     <resolver:AttributeDefinition id="surname" xsi:type="Simple" xmlns="urn:mace:shibboleth:2.0:resolver:ad"
109         sourceAttributeID="sn">
110         <resolver:Dependency ref="myLDAP" />
111
112         <resolver:AttributeEncoder xsi:type="SAML1String" xmlns="urn:mace:shibboleth:2.0:attribute:encoder"
113             name="urn:mace:dir:attribute-def:sn" />
114
115         <resolver:AttributeEncoder xsi:type="SAML2String" xmlns="urn:mace:shibboleth:2.0:attribute:encoder"
116             name="urn:oid:2.5.4.4" friendlyName="sn" />
117     </resolver:AttributeDefinition>
118
119     <resolver:AttributeDefinition id="locality" xsi:type="Simple" xmlns="urn:mace:shibboleth:2.0:resolver:ad"
120         sourceAttributeID="l">
121         <resolver:Dependency ref="myLDAP" />
122
123         <resolver:AttributeEncoder xsi:type="SAML1String" xmlns="urn:mace:shibboleth:2.0:attribute:encoder"
124             name="urn:mace:dir:attribute-def:l" />
125
126         <resolver:AttributeEncoder xsi:type="SAML2String" xmlns="urn:mace:shibboleth:2.0:attribute:encoder"
127             name="urn:oid:2.5.4.7" friendlyName="l" />
128     </resolver:AttributeDefinition>
129
130     <resolver:AttributeDefinition id="stateProvince" xsi:type="Simple" xmlns="urn:mace:shibboleth:2.0:resolver:ad"
131         sourceAttributeID="st">
132         <resolver:Dependency ref="myLDAP" />
133
134         <resolver:AttributeEncoder xsi:type="SAML1String" xmlns="urn:mace:shibboleth:2.0:attribute:encoder"
135             name="urn:mace:dir:attribute-def:st" />
136
137         <resolver:AttributeEncoder xsi:type="SAML2String" xmlns="urn:mace:shibboleth:2.0:attribute:encoder"
138             name="urn:oid:2.5.4.8" friendlyName="st" />
139     </resolver:AttributeDefinition>
140
141     <resolver:AttributeDefinition id="street" xsi:type="Simple" xmlns="urn:mace:shibboleth:2.0:resolver:ad"
142         sourceAttributeID="street">
143         <resolver:Dependency ref="myLDAP" />
144
145         <resolver:AttributeEncoder xsi:type="SAML1String" xmlns="urn:mace:shibboleth:2.0:attribute:encoder"
146             name="urn:mace:dir:attribute-def:street" />
147
148         <resolver:AttributeEncoder xsi:type="SAML2String" xmlns="urn:mace:shibboleth:2.0:attribute:encoder"
149             name="urn:oid:2.5.4.9" friendlyName="street" />
150     </resolver:AttributeDefinition>
151
152     <resolver:AttributeDefinition id="organizationName" xsi:type="Simple" xmlns="urn:mace:shibboleth:2.0:resolver:ad"
153         sourceAttributeID="o">
154         <resolver:Dependency ref="myLDAP" />
155
156         <resolver:AttributeEncoder xsi:type="SAML1String" xmlns="urn:mace:shibboleth:2.0:attribute:encoder"
157             name="urn:mace:dir:attribute-def:o" />
158
159         <resolver:AttributeEncoder xsi:type="SAML2String" xmlns="urn:mace:shibboleth:2.0:attribute:encoder"
160             name="urn:oid:2.5.4.10" friendlyName="o" />
161     </resolver:AttributeDefinition>
162
163     <resolver:AttributeDefinition id="organizationalUnit" xsi:type="Simple" xmlns="urn:mace:shibboleth:2.0:resolver:ad"
164         sourceAttributeID="ou">
165         <resolver:Dependency ref="myLDAP" />
166
167         <resolver:AttributeEncoder xsi:type="SAML1String" xmlns="urn:mace:shibboleth:2.0:attribute:encoder"
168             name="urn:mace:dir:attribute-def:ou" />
169
170         <resolver:AttributeEncoder xsi:type="SAML2String" xmlns="urn:mace:shibboleth:2.0:attribute:encoder"
171             name="urn:oid:2.5.4.11" friendlyName="ou" />
172     </resolver:AttributeDefinition>
173
174     <resolver:AttributeDefinition id="title" xsi:type="Simple" xmlns="urn:mace:shibboleth:2.0:resolver:ad"
175         sourceAttributeID="title">
176         <resolver:Dependency ref="myLDAP" />
177
178         <resolver:AttributeEncoder xsi:type="SAML1String" xmlns="urn:mace:shibboleth:2.0:attribute:encoder"
179             name="urn:mace:dir:attribute-def:title" />
180
181         <resolver:AttributeEncoder xsi:type="SAML2String" xmlns="urn:mace:shibboleth:2.0:attribute:encoder"
182             name="urn:oid:2.5.4.12" friendlyName="title" />
183     </resolver:AttributeDefinition>
184
185     <resolver:AttributeDefinition id="postalAddress" xsi:type="Simple" xmlns="urn:mace:shibboleth:2.0:resolver:ad"
186         sourceAttributeID="postalAddress">
187         <resolver:Dependency ref="myLDAP" />
188
189         <resolver:AttributeEncoder xsi:type="SAML1String" xmlns="urn:mace:shibboleth:2.0:attribute:encoder"
190             name="urn:mace:dir:attribute-def:postalAddress" />
191
192         <resolver:AttributeEncoder xsi:type="SAML2String" xmlns="urn:mace:shibboleth:2.0:attribute:encoder"
193             name="urn:oid:2.5.4.16" friendlyName="postalAddress" />
194     </resolver:AttributeDefinition>
195
196     <resolver:AttributeDefinition id="postalCode" xsi:type="Simple" xmlns="urn:mace:shibboleth:2.0:resolver:ad"
197         sourceAttributeID="postalCode">
198         <resolver:Dependency ref="myLDAP" />
199
200         <resolver:AttributeEncoder xsi:type="SAML1String" xmlns="urn:mace:shibboleth:2.0:attribute:encoder"
201             name="urn:mace:dir:attribute-def:postalCode" />
202
203         <resolver:AttributeEncoder xsi:type="SAML2String" xmlns="urn:mace:shibboleth:2.0:attribute:encoder"
204             name="urn:oid:2.5.4.17" friendlyName="postalCode" />
205     </resolver:AttributeDefinition>
206
207     <resolver:AttributeDefinition id="postOfficeBox" xsi:type="Simple" xmlns="urn:mace:shibboleth:2.0:resolver:ad"
208         sourceAttributeID="postOfficeBox">
209         <resolver:Dependency ref="myLDAP" />
210
211         <resolver:AttributeEncoder xsi:type="SAML1String" xmlns="urn:mace:shibboleth:2.0:attribute:encoder"
212             name="urn:mace:dir:attribute-def:postOfficeBox" />
213
214         <resolver:AttributeEncoder xsi:type="SAML2String" xmlns="urn:mace:shibboleth:2.0:attribute:encoder"
215             name="urn:oid:2.5.4.18" friendlyName="postOfficeBox" />
216     </resolver:AttributeDefinition>
217
218     <resolver:AttributeDefinition id="telephoneNumber" xsi:type="Simple" xmlns="urn:mace:shibboleth:2.0:resolver:ad"
219         sourceAttributeID="telephoneNumber">
220         <resolver:Dependency ref="myLDAP" />
221
222         <resolver:AttributeEncoder xsi:type="SAML1String" xmlns="urn:mace:shibboleth:2.0:attribute:encoder"
223             name="urn:mace:dir:attribute-def:telephoneNumber" />
224
225         <resolver:AttributeEncoder xsi:type="SAML2String" xmlns="urn:mace:shibboleth:2.0:attribute:encoder"
226             name="urn:oid:2.5.4.20" friendlyName="telephoneNumber" />
227     </resolver:AttributeDefinition>
228
229     <resolver:AttributeDefinition id="givenName" xsi:type="Simple" xmlns="urn:mace:shibboleth:2.0:resolver:ad"
230         sourceAttributeID="givenName">
231         <resolver:Dependency ref="myLDAP" />
232
233         <resolver:AttributeEncoder xsi:type="SAML1String" xmlns="urn:mace:shibboleth:2.0:attribute:encoder"
234             name="urn:mace:dir:attribute-def:givenName" />
235
236         <resolver:AttributeEncoder xsi:type="SAML2String" xmlns="urn:mace:shibboleth:2.0:attribute:encoder"
237             name="urn:oid:2.5.4.42" friendlyName="givenName" />
238     </resolver:AttributeDefinition>
239
240     <resolver:AttributeDefinition id="initials" xsi:type="Simple" xmlns="urn:mace:shibboleth:2.0:resolver:ad"
241         sourceAttributeID="initials">
242         <resolver:Dependency ref="myLDAP" />
243
244         <resolver:AttributeEncoder xsi:type="SAML1String" xmlns="urn:mace:shibboleth:2.0:attribute:encoder"
245             name="urn:mace:dir:attribute-def:initials" />
246
247         <resolver:AttributeEncoder xsi:type="SAML2String" xmlns="urn:mace:shibboleth:2.0:attribute:encoder"
248             name="urn:oid:2.5.4.43" friendlyName="initials" />
249     </resolver:AttributeDefinition>
250      -->
251
252     <!-- Schema: inetOrgPerson attributes-->
253     <!--
254     <resolver:AttributeDefinition id="departmentNumber" xsi:type="Simple" xmlns="urn:mace:shibboleth:2.0:resolver:ad"
255         sourceAttributeID="departmentNumber">
256         <resolver:Dependency ref="myLDAP" />
257
258         <resolver:AttributeEncoder xsi:type="SAML1String" xmlns="urn:mace:shibboleth:2.0:attribute:encoder"
259             name="urn:mace:dir:attribute-def:departmentNumber" />
260
261         <resolver:AttributeEncoder xsi:type="SAML2String" xmlns="urn:mace:shibboleth:2.0:attribute:encoder"
262             name="urn:oid:2.16.840.1.113730.3.1.2" friendlyName="departmentNumber" />
263     </resolver:AttributeDefinition>
264
265     <resolver:AttributeDefinition id="employeeNumber" xsi:type="Simple" xmlns="urn:mace:shibboleth:2.0:resolver:ad"
266         sourceAttributeID="employeeNumber">
267         <resolver:Dependency ref="myLDAP" />
268
269         <resolver:AttributeEncoder xsi:type="SAML1String" xmlns="urn:mace:shibboleth:2.0:attribute:encoder"
270             name="urn:mace:dir:attribute-def:employeeNumber" />
271
272         <resolver:AttributeEncoder xsi:type="SAML2String" xmlns="urn:mace:shibboleth:2.0:attribute:encoder"
273             name="urn:oid:2.16.840.1.113730.3.1.3" friendlyName="employeeNumber" />
274     </resolver:AttributeDefinition>
275
276     <resolver:AttributeDefinition id="employeeType" xsi:type="Simple" xmlns="urn:mace:shibboleth:2.0:resolver:ad"
277         sourceAttributeID="employeeType">
278         <resolver:Dependency ref="myLDAP" />
279
280         <resolver:AttributeEncoder xsi:type="SAML1String" xmlns="urn:mace:shibboleth:2.0:attribute:encoder"
281             name="urn:mace:dir:attribute-def:employeeType" />
282
283         <resolver:AttributeEncoder xsi:type="SAML2String" xmlns="urn:mace:shibboleth:2.0:attribute:encoder"
284             name="urn:oid:2.16.840.1.113730.3.1.4" friendlyName="employeeType" />
285     </resolver:AttributeDefinition>
286
287     <resolver:AttributeDefinition id="jpegPhoto" xsi:type="Simple" xmlns="urn:mace:shibboleth:2.0:resolver:ad"
288         sourceAttributeID="jpegPhoto">
289         <resolver:Dependency ref="myLDAP" />
290
291         <resolver:AttributeEncoder xsi:type="SAML1String" xmlns="urn:mace:shibboleth:2.0:attribute:encoder"
292             name="urn:mace:dir:attribute-def:jpegPhoto" />
293
294         <resolver:AttributeEncoder xsi:type="SAML2String" xmlns="urn:mace:shibboleth:2.0:attribute:encoder"
295             name="urn:oid:0.9.2342.19200300.100.1.60" friendlyName="jpegPhoto" />
296     </resolver:AttributeDefinition>
297
298     <resolver:AttributeDefinition id="preferredLanguage" xsi:type="Simple" xmlns="urn:mace:shibboleth:2.0:resolver:ad"
299         sourceAttributeID="preferredLanguage">
300         <resolver:Dependency ref="myLDAP" />
301
302         <resolver:AttributeEncoder xsi:type="SAML1String" xmlns="urn:mace:shibboleth:2.0:attribute:encoder"
303             name="urn:mace:dir:attribute-def:preferredLanguage" />
304
305         <resolver:AttributeEncoder xsi:type="SAML2String" xmlns="urn:mace:shibboleth:2.0:attribute:encoder"
306             name="urn:oid:2.16.840.1.113730.3.1.39" friendlyName="preferredLanguage" />
307     </resolver:AttributeDefinition>
308     -->
309
310     <!-- Schema: eduPerson attributes -->
311     <!--
312     <resolver:AttributeDefinition id="eduPersonAffiliation" xsi:type="Simple" xmlns="urn:mace:shibboleth:2.0:resolver:ad"
313         sourceAttributeID="eduPersonAffiliation">
314         <resolver:Dependency ref="myLDAP" />
315
316         <resolver:AttributeEncoder xsi:type="SAML1String" xmlns="urn:mace:shibboleth:2.0:attribute:encoder"
317             name="urn:mace:dir:attribute-def:eduPersonAffiliation" />
318
319         <resolver:AttributeEncoder xsi:type="SAML2String" xmlns="urn:mace:shibboleth:2.0:attribute:encoder"
320             name="urn:oid:1.3.6.1.4.1.5923.1.1.1.1" friendlyName="eduPersonAffiliation" />
321     </resolver:AttributeDefinition>
322
323     <resolver:AttributeDefinition id="eduPersonEntitlement" xsi:type="Simple" xmlns="urn:mace:shibboleth:2.0:resolver:ad"
324         sourceAttributeID="eduPersonEntitlement">
325         <resolver:Dependency ref="myLDAP" />
326
327         <resolver:AttributeEncoder xsi:type="SAML1String" xmlns="urn:mace:shibboleth:2.0:attribute:encoder"
328             name="urn:mace:dir:attribute-def:eduPersonEntitlement" />
329
330         <resolver:AttributeEncoder xsi:type="SAML2String" xmlns="urn:mace:shibboleth:2.0:attribute:encoder"
331             name="urn:oid:1.3.6.1.4.1.5923.1.1.1.7" friendlyName="eduPersonEntitlement" />
332     </resolver:AttributeDefinition>
333
334     <resolver:AttributeDefinition id="eduPersonNickname" xsi:type="Simple" xmlns="urn:mace:shibboleth:2.0:resolver:ad"
335         sourceAttributeID="eduPersonNickname">
336         <resolver:Dependency ref="myLDAP" />
337
338         <resolver:AttributeEncoder xsi:type="SAML1String" xmlns="urn:mace:shibboleth:2.0:attribute:encoder"
339             name="urn:mace:dir:attribute-def:eduPersonNickname" />
340
341         <resolver:AttributeEncoder xsi:type="SAML2String" xmlns="urn:mace:shibboleth:2.0:attribute:encoder"
342             name="urn:oid:1.3.6.1.4.1.5923.1.1.1.2" friendlyName="eduPersonNickname" />
343     </resolver:AttributeDefinition>
344
345     <resolver:AttributeDefinition id="eduPersonOrgDN" xsi:type="Simple" xmlns="urn:mace:shibboleth:2.0:resolver:ad"
346         sourceAttributeID="eduPersonOrgDN">
347         <resolver:Dependency ref="myLDAP" />
348
349         <resolver:AttributeEncoder xsi:type="SAML1String" xmlns="urn:mace:shibboleth:2.0:attribute:encoder"
350             name="urn:mace:dir:attribute-def:eduPersonOrgDN" />
351
352         <resolver:AttributeEncoder xsi:type="SAML2String" xmlns="urn:mace:shibboleth:2.0:attribute:encoder"
353             name="urn:oid:1.3.6.1.4.1.5923.1.1.1.3" friendlyName="eduPersonOrgDN" />
354     </resolver:AttributeDefinition>
355
356     <resolver:AttributeDefinition id="eduPersonOrgUnitDN" xsi:type="Simple" xmlns="urn:mace:shibboleth:2.0:resolver:ad"
357         sourceAttributeID="eduPersonOrgUnitDN">
358         <resolver:Dependency ref="myLDAP" />
359
360         <resolver:AttributeEncoder xsi:type="SAML1String" xmlns="urn:mace:shibboleth:2.0:attribute:encoder"
361             name="urn:mace:dir:attribute-def:eduPersonOrgUnitDN" />
362
363         <resolver:AttributeEncoder xsi:type="SAML2String" xmlns="urn:mace:shibboleth:2.0:attribute:encoder"
364             name="urn:oid:1.3.6.1.4.1.5923.1.1.1.4" friendlyName="eduPersonOrgUnitDN" />
365     </resolver:AttributeDefinition>
366
367     <resolver:AttributeDefinition id="eduPersonPrimaryAffiliation" xsi:type="Simple" xmlns="urn:mace:shibboleth:2.0:resolver:ad"
368         sourceAttributeID="eduPersonPrimaryAffiliation">
369         <resolver:Dependency ref="myLDAP" />
370
371         <resolver:AttributeEncoder xsi:type="SAML1String" xmlns="urn:mace:shibboleth:2.0:attribute:encoder"
372             name="urn:mace:dir:attribute-def:eduPersonPrimaryAffiliation" />
373
374         <resolver:AttributeEncoder xsi:type="SAML2String" xmlns="urn:mace:shibboleth:2.0:attribute:encoder"
375             name="urn:oid:1.3.6.1.4.1.5923.1.1.1.5" friendlyName="eduPersonPrimaryAffiliation" />
376     </resolver:AttributeDefinition>
377
378     <resolver:AttributeDefinition id="eduPersonPrimaryOrgUnitDN" xsi:type="Simple" xmlns="urn:mace:shibboleth:2.0:resolver:ad"
379         sourceAttributeID="eduPersonPrimaryOrgUnitDN">
380         <resolver:Dependency ref="myLDAP" />
381
382         <resolver:AttributeEncoder xsi:type="SAML1String" xmlns="urn:mace:shibboleth:2.0:attribute:encoder"
383             name="urn:mace:dir:attribute-def:eduPersonPrimaryOrgUnitDN" />
384
385         <resolver:AttributeEncoder xsi:type="SAML2String" xmlns="urn:mace:shibboleth:2.0:attribute:encoder"
386             name="urn:oid:1.3.6.1.4.1.5923.1.1.1.8" friendlyName="eduPersonPrimaryOrgUnitDN" />
387     </resolver:AttributeDefinition>
388
389     <resolver:AttributeDefinition id="eduPersonPrincipalName" xsi:type="Scoped" xmlns="urn:mace:shibboleth:2.0:resolver:ad"
390         scope="$IDP_SCOPE$" sourceAttributeID="uid">
391         <resolver:Dependency ref="myLDAP" />
392
393         <resolver:AttributeEncoder xsi:type="SAML1ScopedString" xmlns="urn:mace:shibboleth:2.0:attribute:encoder"
394             name="urn:mace:dir:attribute-def:eduPersonPrincipalName" />
395
396         <resolver:AttributeEncoder xsi:type="SAML2ScopedString" xmlns="urn:mace:shibboleth:2.0:attribute:encoder"
397             name="urn:oid:1.3.6.1.4.1.5923.1.1.1.6" friendlyName="eduPersonPrincipalName" />
398     </resolver:AttributeDefinition>
399
400     <resolver:AttributeDefinition id="eduPersonScopedAffiliation" xsi:type="Scoped" xmlns="urn:mace:shibboleth:2.0:resolver:ad"
401         scope="$IDP_SCOPE$" sourceAttributeID="eduPersonAffiliation">
402         <resolver:Dependency ref="myLDAP" />
403
404         <resolver:AttributeEncoder xsi:type="SAML1ScopedString" xmlns="urn:mace:shibboleth:2.0:attribute:encoder"
405             name="urn:mace:dir:attribute-def:eduPersonScopedAffiliation" />
406
407         <resolver:AttributeEncoder xsi:type="SAML2ScopedString" xmlns="urn:mace:shibboleth:2.0:attribute:encoder"
408             name="urn:oid:1.3.6.1.4.1.5923.1.1.1.9" friendlyName="eduPersonScopedAffiliation" />
409     </resolver:AttributeDefinition>
410         
411     <resolver:AttributeDefinition id="eduPersonTargetedID.old" xsi:type="Scoped" xmlns="urn:mace:shibboleth:2.0:resolver:ad"
412         scope="$IDP_SCOPE$" sourceAttributeID="computedID">
413         <resolver:Dependency ref="computedID" />
414
415         <resolver:AttributeEncoder xsi:type="SAML1ScopedString" xmlns="urn:mace:shibboleth:2.0:attribute:encoder"
416             name="urn:mace:dir:attribute-def:eduPersonTargetedID" />
417     </resolver:AttributeDefinition>
418
419     <resolver:AttributeDefinition id="eduPersonTargetedID" xsi:type="SAML2NameID" xmlns="urn:mace:shibboleth:2.0:resolver:ad"
420         nameIdFormat="urn:oasis:names:tc:SAML:2.0:nameid-format:persistent"
421         sourceAttributeID="computedID">
422         <resolver:Dependency ref="computedID" />
423
424         <resolver:AttributeEncoder xsi:type="SAML1XMLObject" xmlns="urn:mace:shibboleth:2.0:attribute:encoder"
425                 name="urn:oid:1.3.6.1.4.1.5923.1.1.1.10" />
426     
427         <resolver:AttributeEncoder xsi:type="SAML2XMLObject" xmlns="urn:mace:shibboleth:2.0:attribute:encoder"
428                 name="urn:oid:1.3.6.1.4.1.5923.1.1.1.10" friendlyName="eduPersonTargetedID" />
429     </resolver:AttributeDefinition>
430     -->
431
432     <!-- Name Identifier related attributes -->
433     <resolver:AttributeDefinition id="transientId" xsi:type="TransientId" xmlns="urn:mace:shibboleth:2.0:resolver:ad">
434         <resolver:AttributeEncoder xsi:type="SAML1StringNameIdentifier" xmlns="urn:mace:shibboleth:2.0:attribute:encoder"
435             nameFormat="urn:mace:shibboleth:1.0:nameIdentifier" />
436             
437         <resolver:AttributeEncoder xsi:type="SAML2StringNameID" xmlns="urn:mace:shibboleth:2.0:attribute:encoder"
438             nameFormat="urn:oasis:names:tc:SAML:2.0:nameid-format:transient" />
439
440     </resolver:AttributeDefinition>
441
442     <!-- ========================================== -->
443     <!--      Data Connectors                       -->
444     <!-- ========================================== -->
445
446     <!-- Example Static Connector -->
447     <!--
448     <resolver:DataConnector id="staticAttributes" xsi:type="Static" xmlns="urn:mace:shibboleth:2.0:resolver:dc">
449         <Attribute id="eduPersonAffiliation">
450             <Value>member</Value>
451         </Attribute>
452         <Attribute id="eduPersonEntitlement">
453             <Value>urn:example.org:entitlement:entitlement1</Value>
454             <Value>urn:mace:dir:entitlement:common-lib-terms</Value>
455         </Attribute>
456     </resolver:DataConnector>
457     -->
458
459     <!-- Example Relational Database Connector -->
460     <!--
461     <resolver:DataConnector id="mySIS" xsi:type="RelationalDatabase" xmlns="urn:mace:shibboleth:2.0:resolver:dc">
462         <ApplicationManagedConnection jdbcDriver="oracle.jdbc.driver.OracleDriver"
463             jdbcURL="jdbc:oracle:thin:@db.example.org:1521:SomeDB" jdbcUserName="myid" jdbcPassword="mypassword" />
464         <QueryTemplate>
465             <![CDATA[
466                 SELECT * FROM student WHERE gzbtpid = '$requestContext.principalName'
467             ]]>
468         </QueryTemplate>
469
470         <Column columnName="gzbtpid" attributeID="uid" />
471         <Column columnName="fqlft" attributeID="gpa" type="Float" />
472     </resolver:DataConnector>
473      -->
474
475     <!-- Example LDAP Connector -->
476     <!--
477     <resolver:DataConnector id="myLDAP" xsi:type="LDAPDirectory" xmlns="urn:mace:shibboleth:2.0:resolver:dc"
478         ldapURL="ldap://ldap.example.org" baseDN="ou=people,dc=example,dc=org" principal="uid=myservice,ou=system"
479         principalCredential="myServicePassword">
480         <FilterTemplate>
481             <![CDATA[
482                 (uid=$requestContext.principalName)
483             ]]>
484         </FilterTemplate>
485     </resolver:DataConnector>
486     -->
487     
488     <!-- Computed targeted ID connector -->
489     <!--
490     <resolver:DataConnector xsi:type="ComputedId" xmlns="urn:mace:shibboleth:2.0:resolver:dc"
491                             id="computedID"
492                             generatedAttributeID="computedID"
493                             sourceAttributeID="uid"
494                             salt="your random string here">
495         <resolver:Dependency ref="myLDAP" />
496     </resolver:DataConnector> 
497     -->
498
499     <!-- ========================================== -->
500     <!--      Principal Connectors                  -->
501     <!-- ========================================== -->
502     <resolver:PrincipalConnector xsi:type="Transient" xmlns="urn:mace:shibboleth:2.0:resolver:pc" id="shibTransient"
503         nameIDFormat="urn:mace:shibboleth:1.0:nameIdentifier" />
504         
505     <resolver:PrincipalConnector xsi:type="Transient" xmlns="urn:mace:shibboleth:2.0:resolver:pc" id="saml1Unspec"
506         nameIDFormat="urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified" />
507
508     <resolver:PrincipalConnector xsi:type="Transient" xmlns="urn:mace:shibboleth:2.0:resolver:pc" id="saml2Transient"
509         nameIDFormat="urn:oasis:names:tc:SAML:2.0:nameid-format:transient" />
510
511 </AttributeResolver>