<?xml version="1.0" encoding="UTF-8"?>
-<AttributeResolver xmlns="urn:mace:shibboleth:2.0:resolver"
- xmlns:resolver="urn:mace:shibboleth:2.0:resolver"
- xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
- xmlns:pc="urn:mace:shibboleth:2.0:resolver:pc"
- xmlns:ad="urn:mace:shibboleth:2.0:resolver:ad"
- xmlns:dc="urn:mace:shibboleth:2.0:resolver:dc"
- xmlns:enc="urn:mace:shibboleth:2.0:attribute:encoder"
- xsi:schemaLocation="urn:mace:shibboleth:2.0:resolver classpath:/schema/shibboleth-2.0-attribute-resolver.xsd
- urn:mace:shibboleth:2.0:resolver:pc classpath:/schema/shibboleth-2.0-attribute-resolver-pc.xsd
- urn:mace:shibboleth:2.0:resolver:ad classpath:/schema/shibboleth-2.0-attribute-resolver-ad.xsd
- urn:mace:shibboleth:2.0:resolver:dc classpath:/schema/shibboleth-2.0-attribute-resolver-dc.xsd
- urn:mace:shibboleth:2.0:attribute:encoder classpath:/schema/shibboleth-2.0-attribute-encoder.xsd">
-
- <resolver:AttributeDefinition xsi:type="ad:Simple" id="uid">
- <resolver:DataConnectorDependency ref="static" />
- <resolver:AttributeEncoder xsi:type="enc:SAML2StringNameID" />
- </resolver:AttributeDefinition>
+<!--
+ This file is an EXAMPLE configuration file. While the configuration presented in this
+ example file is functional, it isn't very interesting. However, there are lots of example
+ attributes, encoders, and a couple example data connectors.
- <resolver:AttributeDefinition xsi:type="ad:Simple" id="cn">
- <resolver:DataConnectorDependency ref="static" />
+ Not all attribute definitions, data connectors, or principal connectors are demonstrated.
+ Deployers should refer to the Shibboleth 2 documentation for a complete list of components
+ and their options.
+-->
+
+
+<AttributeResolver xmlns="urn:mace:shibboleth:2.0:resolver" xmlns:resolver="urn:mace:shibboleth:2.0:resolver"
+ xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:pc="urn:mace:shibboleth:2.0:resolver:pc"
+ xmlns:ad="urn:mace:shibboleth:2.0:resolver:ad" xmlns:dc="urn:mace:shibboleth:2.0:resolver:dc"
+ xmlns:enc="urn:mace:shibboleth:2.0:attribute:encoder" xmlns:sec="urn:mace:shibboleth:2.0:security"
+ xsi:schemaLocation="urn:mace:shibboleth:2.0:resolver classpath:/schema/shibboleth-2.0-attribute-resolver.xsd
+ urn:mace:shibboleth:2.0:resolver:pc classpath:/schema/shibboleth-2.0-attribute-resolver-pc.xsd
+ urn:mace:shibboleth:2.0:resolver:ad classpath:/schema/shibboleth-2.0-attribute-resolver-ad.xsd
+ urn:mace:shibboleth:2.0:resolver:dc classpath:/schema/shibboleth-2.0-attribute-resolver-dc.xsd
+ urn:mace:shibboleth:2.0:attribute:encoder classpath:/schema/shibboleth-2.0-attribute-encoder.xsd
+ urn:mace:shibboleth:2.0:security classpath:/schema/shibboleth-2.0-security.xsd">
+
+ <!-- ========================================== -->
+ <!-- Attribute Definitions -->
+ <!-- ========================================== -->
+
+ <!-- Schema: Core schema attributes-->
+ <!--
+ <resolver:AttributeDefinition id="uid" xsi:type="Simple" xmlns="urn:mace:shibboleth:2.0:resolver:ad"
+ sourceAttributeID="uid">
+ <resolver:Dependency ref="myLDAP" />
+
+ <resolver:AttributeEncoder xsi:type="SAML1String" xmlns="urn:mace:shibboleth:2.0:attribute:encoder"
+ name="urn:mace:dir:attribute-def:uid" />
+
+ <resolver:AttributeEncoder xsi:type="SAML2String" xmlns="urn:mace:shibboleth:2.0:attribute:encoder"
+ name="urn:oid:0.9.2342.19200300.100.1.1" friendlyName="uid" />
+ </resolver:AttributeDefinition>
+
+ <resolver:AttributeDefinition id="email" xsi:type="Simple" xmlns="urn:mace:shibboleth:2.0:resolver:ad"
+ sourceAttributeID="mail">
+ <resolver:Dependency ref="myLDAP" />
+
+ <resolver:AttributeEncoder xsi:type="SAML1String" xmlns="urn:mace:shibboleth:2.0:attribute:encoder"
+ name="urn:mace:dir:attribute-def:mail" />
+
+ <resolver:AttributeEncoder xsi:type="SAML2String" xmlns="urn:mace:shibboleth:2.0:attribute:encoder"
+ name="urn:oid:0.9.2342.19200300.100.1.3" friendlyName="mail" />
+ </resolver:AttributeDefinition>
+
+ <resolver:AttributeDefinition id="homePhone" xsi:type="Simple" xmlns="urn:mace:shibboleth:2.0:resolver:ad"
+ sourceAttributeID="homePhone">
+ <resolver:Dependency ref="myLDAP" />
+
+ <resolver:AttributeEncoder xsi:type="SAML1String" xmlns="urn:mace:shibboleth:2.0:attribute:encoder"
+ name="urn:mace:dir:attribute-def:homePhone" />
+
+ <resolver:AttributeEncoder xsi:type="SAML2String" xmlns="urn:mace:shibboleth:2.0:attribute:encoder"
+ name="urn:oid:0.9.2342.19200300.100.1.20" friendlyName="homePhone" />
+ </resolver:AttributeDefinition>
+
+ <resolver:AttributeDefinition id="homePostalAddress" xsi:type="Simple" xmlns="urn:mace:shibboleth:2.0:resolver:ad"
+ sourceAttributeID="homePostalAddress">
+ <resolver:Dependency ref="myLDAP" />
+
+ <resolver:AttributeEncoder xsi:type="SAML1String" xmlns="urn:mace:shibboleth:2.0:attribute:encoder"
+ name="urn:mace:dir:attribute-def:homePostalAddress" />
+
+ <resolver:AttributeEncoder xsi:type="SAML2String" xmlns="urn:mace:shibboleth:2.0:attribute:encoder"
+ name="urn:oid:0.9.2342.19200300.100.1.39" friendlyName="homePostalAddress" />
+ </resolver:AttributeDefinition>
+
+ <resolver:AttributeDefinition id="mobileNumber" xsi:type="Simple" xmlns="urn:mace:shibboleth:2.0:resolver:ad"
+ sourceAttributeID="mobile">
+ <resolver:Dependency ref="myLDAP" />
+
+ <resolver:AttributeEncoder xsi:type="SAML1String" xmlns="urn:mace:shibboleth:2.0:attribute:encoder"
+ name="urn:mace:dir:attribute-def:mobile" />
+
+ <resolver:AttributeEncoder xsi:type="SAML2String" xmlns="urn:mace:shibboleth:2.0:attribute:encoder"
+ name="urn:oid:0.9.2342.19200300.100.1.41" friendlyName="mobile" />
+ </resolver:AttributeDefinition>
+
+ <resolver:AttributeDefinition id="pagerNumber" xsi:type="Simple" xmlns="urn:mace:shibboleth:2.0:resolver:ad"
+ sourceAttributeID="pager">
+ <resolver:Dependency ref="myLDAP" />
+
+ <resolver:AttributeEncoder xsi:type="SAML1String" xmlns="urn:mace:shibboleth:2.0:attribute:encoder"
+ name="urn:mace:dir:attribute-def:pager" />
+
+ <resolver:AttributeEncoder xsi:type="SAML2String" xmlns="urn:mace:shibboleth:2.0:attribute:encoder"
+ name="urn:oid:0.9.2342.19200300.100.1.42" friendlyName="pager" />
+ </resolver:AttributeDefinition>
+
+ <resolver:AttributeDefinition id="commonName" xsi:type="Simple" xmlns="urn:mace:shibboleth:2.0:resolver:ad"
+ sourceAttributeID="cn">
+ <resolver:Dependency ref="myLDAP" />
+
+ <resolver:AttributeEncoder xsi:type="SAML1String" xmlns="urn:mace:shibboleth:2.0:attribute:encoder"
+ name="urn:mace:dir:attribute-def:cn" />
+
+ <resolver:AttributeEncoder xsi:type="SAML2String" xmlns="urn:mace:shibboleth:2.0:attribute:encoder"
+ name="urn:oid:2.5.4.3" friendlyName="cn" />
+ </resolver:AttributeDefinition>
+
+ <resolver:AttributeDefinition id="surname" xsi:type="Simple" xmlns="urn:mace:shibboleth:2.0:resolver:ad"
+ sourceAttributeID="sn">
+ <resolver:Dependency ref="myLDAP" />
+
+ <resolver:AttributeEncoder xsi:type="SAML1String" xmlns="urn:mace:shibboleth:2.0:attribute:encoder"
+ name="urn:mace:dir:attribute-def:sn" />
+
+ <resolver:AttributeEncoder xsi:type="SAML2String" xmlns="urn:mace:shibboleth:2.0:attribute:encoder"
+ name="urn:oid:2.5.4.4" friendlyName="sn" />
+ </resolver:AttributeDefinition>
+
+ <resolver:AttributeDefinition id="locality" xsi:type="Simple" xmlns="urn:mace:shibboleth:2.0:resolver:ad"
+ sourceAttributeID="l">
+ <resolver:Dependency ref="myLDAP" />
+
+ <resolver:AttributeEncoder xsi:type="SAML1String" xmlns="urn:mace:shibboleth:2.0:attribute:encoder"
+ name="urn:mace:dir:attribute-def:l" />
+
+ <resolver:AttributeEncoder xsi:type="SAML2String" xmlns="urn:mace:shibboleth:2.0:attribute:encoder"
+ name="urn:oid:2.5.4.7" friendlyName="l" />
+ </resolver:AttributeDefinition>
+
+ <resolver:AttributeDefinition id="stateProvince" xsi:type="Simple" xmlns="urn:mace:shibboleth:2.0:resolver:ad"
+ sourceAttributeID="st">
+ <resolver:Dependency ref="myLDAP" />
+
+ <resolver:AttributeEncoder xsi:type="SAML1String" xmlns="urn:mace:shibboleth:2.0:attribute:encoder"
+ name="urn:mace:dir:attribute-def:st" />
+
+ <resolver:AttributeEncoder xsi:type="SAML2String" xmlns="urn:mace:shibboleth:2.0:attribute:encoder"
+ name="urn:oid:2.5.4.8" friendlyName="st" />
+ </resolver:AttributeDefinition>
+
+ <resolver:AttributeDefinition id="street" xsi:type="Simple" xmlns="urn:mace:shibboleth:2.0:resolver:ad"
+ sourceAttributeID="street">
+ <resolver:Dependency ref="myLDAP" />
+
+ <resolver:AttributeEncoder xsi:type="SAML1String" xmlns="urn:mace:shibboleth:2.0:attribute:encoder"
+ name="urn:mace:dir:attribute-def:street" />
+
+ <resolver:AttributeEncoder xsi:type="SAML2String" xmlns="urn:mace:shibboleth:2.0:attribute:encoder"
+ name="urn:oid:2.5.4.9" friendlyName="street" />
+ </resolver:AttributeDefinition>
+
+ <resolver:AttributeDefinition id="organizationName" xsi:type="Simple" xmlns="urn:mace:shibboleth:2.0:resolver:ad"
+ sourceAttributeID="o">
+ <resolver:Dependency ref="myLDAP" />
+
+ <resolver:AttributeEncoder xsi:type="SAML1String" xmlns="urn:mace:shibboleth:2.0:attribute:encoder"
+ name="urn:mace:dir:attribute-def:o" />
+
+ <resolver:AttributeEncoder xsi:type="SAML2String" xmlns="urn:mace:shibboleth:2.0:attribute:encoder"
+ name="urn:oid:2.5.4.10" friendlyName="o" />
+ </resolver:AttributeDefinition>
+
+ <resolver:AttributeDefinition id="organizationalUnit" xsi:type="Simple" xmlns="urn:mace:shibboleth:2.0:resolver:ad"
+ sourceAttributeID="ou">
+ <resolver:Dependency ref="myLDAP" />
+
+ <resolver:AttributeEncoder xsi:type="SAML1String" xmlns="urn:mace:shibboleth:2.0:attribute:encoder"
+ name="urn:mace:dir:attribute-def:ou" />
+
+ <resolver:AttributeEncoder xsi:type="SAML2String" xmlns="urn:mace:shibboleth:2.0:attribute:encoder"
+ name="urn:oid:2.5.4.11" friendlyName="ou" />
+ </resolver:AttributeDefinition>
+
+ <resolver:AttributeDefinition id="title" xsi:type="Simple" xmlns="urn:mace:shibboleth:2.0:resolver:ad"
+ sourceAttributeID="title">
+ <resolver:Dependency ref="myLDAP" />
+
+ <resolver:AttributeEncoder xsi:type="SAML1String" xmlns="urn:mace:shibboleth:2.0:attribute:encoder"
+ name="urn:mace:dir:attribute-def:title" />
+
+ <resolver:AttributeEncoder xsi:type="SAML2String" xmlns="urn:mace:shibboleth:2.0:attribute:encoder"
+ name="urn:oid:2.5.4.12" friendlyName="title" />
+ </resolver:AttributeDefinition>
+
+ <resolver:AttributeDefinition id="postalAddress" xsi:type="Simple" xmlns="urn:mace:shibboleth:2.0:resolver:ad"
+ sourceAttributeID="postalAddress">
+ <resolver:Dependency ref="myLDAP" />
+
+ <resolver:AttributeEncoder xsi:type="SAML1String" xmlns="urn:mace:shibboleth:2.0:attribute:encoder"
+ name="urn:mace:dir:attribute-def:postalAddress" />
+
+ <resolver:AttributeEncoder xsi:type="SAML2String" xmlns="urn:mace:shibboleth:2.0:attribute:encoder"
+ name="urn:oid:2.5.4.16" friendlyName="postalAddress" />
+ </resolver:AttributeDefinition>
+
+ <resolver:AttributeDefinition id="postalCode" xsi:type="Simple" xmlns="urn:mace:shibboleth:2.0:resolver:ad"
+ sourceAttributeID="postalCode">
+ <resolver:Dependency ref="myLDAP" />
+
+ <resolver:AttributeEncoder xsi:type="SAML1String" xmlns="urn:mace:shibboleth:2.0:attribute:encoder"
+ name="urn:mace:dir:attribute-def:postalCode" />
+
+ <resolver:AttributeEncoder xsi:type="SAML2String" xmlns="urn:mace:shibboleth:2.0:attribute:encoder"
+ name="urn:oid:2.5.4.17" friendlyName="postalCode" />
+ </resolver:AttributeDefinition>
+
+ <resolver:AttributeDefinition id="postOfficeBox" xsi:type="Simple" xmlns="urn:mace:shibboleth:2.0:resolver:ad"
+ sourceAttributeID="postOfficeBox">
+ <resolver:Dependency ref="myLDAP" />
+
+ <resolver:AttributeEncoder xsi:type="SAML1String" xmlns="urn:mace:shibboleth:2.0:attribute:encoder"
+ name="urn:mace:dir:attribute-def:postOfficeBox" />
+
+ <resolver:AttributeEncoder xsi:type="SAML2String" xmlns="urn:mace:shibboleth:2.0:attribute:encoder"
+ name="urn:oid:2.5.4.18" friendlyName="postOfficeBox" />
+ </resolver:AttributeDefinition>
+
+ <resolver:AttributeDefinition id="telephoneNumber" xsi:type="Simple" xmlns="urn:mace:shibboleth:2.0:resolver:ad"
+ sourceAttributeID="telephoneNumber">
+ <resolver:Dependency ref="myLDAP" />
+
+ <resolver:AttributeEncoder xsi:type="SAML1String" xmlns="urn:mace:shibboleth:2.0:attribute:encoder"
+ name="urn:mace:dir:attribute-def:telephoneNumber" />
+
+ <resolver:AttributeEncoder xsi:type="SAML2String" xmlns="urn:mace:shibboleth:2.0:attribute:encoder"
+ name="urn:oid:2.5.4.20" friendlyName="telephoneNumber" />
+ </resolver:AttributeDefinition>
+
+ <resolver:AttributeDefinition id="givenName" xsi:type="Simple" xmlns="urn:mace:shibboleth:2.0:resolver:ad"
+ sourceAttributeID="givenName">
+ <resolver:Dependency ref="myLDAP" />
+
+ <resolver:AttributeEncoder xsi:type="SAML1String" xmlns="urn:mace:shibboleth:2.0:attribute:encoder"
+ name="urn:mace:dir:attribute-def:givenName" />
+
+ <resolver:AttributeEncoder xsi:type="SAML2String" xmlns="urn:mace:shibboleth:2.0:attribute:encoder"
+ name="urn:oid:2.5.4.42" friendlyName="givenName" />
</resolver:AttributeDefinition>
+
+ <resolver:AttributeDefinition id="initials" xsi:type="Simple" xmlns="urn:mace:shibboleth:2.0:resolver:ad"
+ sourceAttributeID="initials">
+ <resolver:Dependency ref="myLDAP" />
+
+ <resolver:AttributeEncoder xsi:type="SAML1String" xmlns="urn:mace:shibboleth:2.0:attribute:encoder"
+ name="urn:mace:dir:attribute-def:initials" />
+
+ <resolver:AttributeEncoder xsi:type="SAML2String" xmlns="urn:mace:shibboleth:2.0:attribute:encoder"
+ name="urn:oid:2.5.4.43" friendlyName="initials" />
+ </resolver:AttributeDefinition>
+ -->
+
+ <!-- Schema: inetOrgPerson attributes-->
+ <!--
+ <resolver:AttributeDefinition id="departmentNumber" xsi:type="Simple" xmlns="urn:mace:shibboleth:2.0:resolver:ad"
+ sourceAttributeID="departmentNumber">
+ <resolver:Dependency ref="myLDAP" />
+
+ <resolver:AttributeEncoder xsi:type="SAML1String" xmlns="urn:mace:shibboleth:2.0:attribute:encoder"
+ name="urn:mace:dir:attribute-def:departmentNumber" />
+
+ <resolver:AttributeEncoder xsi:type="SAML2String" xmlns="urn:mace:shibboleth:2.0:attribute:encoder"
+ name="urn:oid:2.16.840.1.113730.3.1.2" friendlyName="departmentNumber" />
+ </resolver:AttributeDefinition>
+
+ <resolver:AttributeDefinition id="employeeNumber" xsi:type="Simple" xmlns="urn:mace:shibboleth:2.0:resolver:ad"
+ sourceAttributeID="employeeNumber">
+ <resolver:Dependency ref="myLDAP" />
+
+ <resolver:AttributeEncoder xsi:type="SAML1String" xmlns="urn:mace:shibboleth:2.0:attribute:encoder"
+ name="urn:mace:dir:attribute-def:employeeNumber" />
+
+ <resolver:AttributeEncoder xsi:type="SAML2String" xmlns="urn:mace:shibboleth:2.0:attribute:encoder"
+ name="urn:oid:2.16.840.1.113730.3.1.3" friendlyName="employeeNumber" />
+ </resolver:AttributeDefinition>
+
+ <resolver:AttributeDefinition id="employeeType" xsi:type="Simple" xmlns="urn:mace:shibboleth:2.0:resolver:ad"
+ sourceAttributeID="employeeType">
+ <resolver:Dependency ref="myLDAP" />
+
+ <resolver:AttributeEncoder xsi:type="SAML1String" xmlns="urn:mace:shibboleth:2.0:attribute:encoder"
+ name="urn:mace:dir:attribute-def:employeeType" />
+
+ <resolver:AttributeEncoder xsi:type="SAML2String" xmlns="urn:mace:shibboleth:2.0:attribute:encoder"
+ name="urn:oid:2.16.840.1.113730.3.1.4" friendlyName="employeeType" />
+ </resolver:AttributeDefinition>
+
+ <resolver:AttributeDefinition id="jpegPhoto" xsi:type="Simple" xmlns="urn:mace:shibboleth:2.0:resolver:ad"
+ sourceAttributeID="jpegPhoto">
+ <resolver:Dependency ref="myLDAP" />
+
+ <resolver:AttributeEncoder xsi:type="SAML1Base64" xmlns="urn:mace:shibboleth:2.0:attribute:encoder"
+ name="urn:mace:dir:attribute-def:jpegPhoto" />
+
+ <resolver:AttributeEncoder xsi:type="SAML2Base64" xmlns="urn:mace:shibboleth:2.0:attribute:encoder"
+ name="urn:oid:0.9.2342.19200300.100.1.60" friendlyName="jpegPhoto" />
+ </resolver:AttributeDefinition>
+
+ <resolver:AttributeDefinition id="preferredLanguage" xsi:type="Simple" xmlns="urn:mace:shibboleth:2.0:resolver:ad"
+ sourceAttributeID="preferredLanguage">
+ <resolver:Dependency ref="myLDAP" />
+
+ <resolver:AttributeEncoder xsi:type="SAML1String" xmlns="urn:mace:shibboleth:2.0:attribute:encoder"
+ name="urn:mace:dir:attribute-def:preferredLanguage" />
+
+ <resolver:AttributeEncoder xsi:type="SAML2String" xmlns="urn:mace:shibboleth:2.0:attribute:encoder"
+ name="urn:oid:2.16.840.1.113730.3.1.39" friendlyName="preferredLanguage" />
+ </resolver:AttributeDefinition>
+ -->
+
+ <!-- Schema: eduPerson attributes -->
+ <!--
+ <resolver:AttributeDefinition id="eduPersonAffiliation" xsi:type="Simple" xmlns="urn:mace:shibboleth:2.0:resolver:ad"
+ sourceAttributeID="eduPersonAffiliation">
+ <resolver:Dependency ref="staticAttributes" />
+ <resolver:Dependency ref="myLDAP" />
+
+ <resolver:AttributeEncoder xsi:type="SAML1String" xmlns="urn:mace:shibboleth:2.0:attribute:encoder"
+ name="urn:mace:dir:attribute-def:eduPersonAffiliation" />
+
+ <resolver:AttributeEncoder xsi:type="SAML2String" xmlns="urn:mace:shibboleth:2.0:attribute:encoder"
+ name="urn:oid:1.3.6.1.4.1.5923.1.1.1.1" friendlyName="eduPersonAffiliation" />
+ </resolver:AttributeDefinition>
+
+ <resolver:AttributeDefinition id="eduPersonEntitlement" xsi:type="Simple" xmlns="urn:mace:shibboleth:2.0:resolver:ad"
+ sourceAttributeID="eduPersonEntitlement">
+ <resolver:Dependency ref="myLDAP" />
+
+ <resolver:AttributeEncoder xsi:type="SAML1String" xmlns="urn:mace:shibboleth:2.0:attribute:encoder"
+ name="urn:mace:dir:attribute-def:eduPersonEntitlement" />
+
+ <resolver:AttributeEncoder xsi:type="SAML2String" xmlns="urn:mace:shibboleth:2.0:attribute:encoder"
+ name="urn:oid:1.3.6.1.4.1.5923.1.1.1.7" friendlyName="eduPersonEntitlement" />
+ </resolver:AttributeDefinition>
+
+ <resolver:AttributeDefinition id="eduPersonNickname" xsi:type="Simple" xmlns="urn:mace:shibboleth:2.0:resolver:ad"
+ sourceAttributeID="eduPersonNickname">
+ <resolver:Dependency ref="myLDAP" />
+
+ <resolver:AttributeEncoder xsi:type="SAML1String" xmlns="urn:mace:shibboleth:2.0:attribute:encoder"
+ name="urn:mace:dir:attribute-def:eduPersonNickname" />
+
+ <resolver:AttributeEncoder xsi:type="SAML2String" xmlns="urn:mace:shibboleth:2.0:attribute:encoder"
+ name="urn:oid:1.3.6.1.4.1.5923.1.1.1.2" friendlyName="eduPersonNickname" />
+ </resolver:AttributeDefinition>
+
+ <resolver:AttributeDefinition id="eduPersonOrgDN" xsi:type="Simple" xmlns="urn:mace:shibboleth:2.0:resolver:ad"
+ sourceAttributeID="eduPersonOrgDN">
+ <resolver:Dependency ref="myLDAP" />
+
+ <resolver:AttributeEncoder xsi:type="SAML1String" xmlns="urn:mace:shibboleth:2.0:attribute:encoder"
+ name="urn:mace:dir:attribute-def:eduPersonOrgDN" />
+
+ <resolver:AttributeEncoder xsi:type="SAML2String" xmlns="urn:mace:shibboleth:2.0:attribute:encoder"
+ name="urn:oid:1.3.6.1.4.1.5923.1.1.1.3" friendlyName="eduPersonOrgDN" />
+ </resolver:AttributeDefinition>
+
+ <resolver:AttributeDefinition id="eduPersonOrgUnitDN" xsi:type="Simple" xmlns="urn:mace:shibboleth:2.0:resolver:ad"
+ sourceAttributeID="eduPersonOrgUnitDN">
+ <resolver:Dependency ref="myLDAP" />
+
+ <resolver:AttributeEncoder xsi:type="SAML1String" xmlns="urn:mace:shibboleth:2.0:attribute:encoder"
+ name="urn:mace:dir:attribute-def:eduPersonOrgUnitDN" />
+
+ <resolver:AttributeEncoder xsi:type="SAML2String" xmlns="urn:mace:shibboleth:2.0:attribute:encoder"
+ name="urn:oid:1.3.6.1.4.1.5923.1.1.1.4" friendlyName="eduPersonOrgUnitDN" />
+ </resolver:AttributeDefinition>
+
+ <resolver:AttributeDefinition id="eduPersonPrimaryAffiliation" xsi:type="Simple" xmlns="urn:mace:shibboleth:2.0:resolver:ad"
+ sourceAttributeID="eduPersonPrimaryAffiliation">
+ <resolver:Dependency ref="myLDAP" />
+
+ <resolver:AttributeEncoder xsi:type="SAML1String" xmlns="urn:mace:shibboleth:2.0:attribute:encoder"
+ name="urn:mace:dir:attribute-def:eduPersonPrimaryAffiliation" />
+
+ <resolver:AttributeEncoder xsi:type="SAML2String" xmlns="urn:mace:shibboleth:2.0:attribute:encoder"
+ name="urn:oid:1.3.6.1.4.1.5923.1.1.1.5" friendlyName="eduPersonPrimaryAffiliation" />
+ </resolver:AttributeDefinition>
+
+ <resolver:AttributeDefinition id="eduPersonPrimaryOrgUnitDN" xsi:type="Simple" xmlns="urn:mace:shibboleth:2.0:resolver:ad"
+ sourceAttributeID="eduPersonPrimaryOrgUnitDN">
+ <resolver:Dependency ref="myLDAP" />
+
+ <resolver:AttributeEncoder xsi:type="SAML1String" xmlns="urn:mace:shibboleth:2.0:attribute:encoder"
+ name="urn:mace:dir:attribute-def:eduPersonPrimaryOrgUnitDN" />
+
+ <resolver:AttributeEncoder xsi:type="SAML2String" xmlns="urn:mace:shibboleth:2.0:attribute:encoder"
+ name="urn:oid:1.3.6.1.4.1.5923.1.1.1.8" friendlyName="eduPersonPrimaryOrgUnitDN" />
+ </resolver:AttributeDefinition>
+
+ <resolver:AttributeDefinition id="eduPersonPrincipalName" xsi:type="Scoped" xmlns="urn:mace:shibboleth:2.0:resolver:ad"
+ scope="example.org" sourceAttributeID="uid">
+ <resolver:Dependency ref="myLDAP" />
+
+ <resolver:AttributeEncoder xsi:type="SAML1ScopedString" xmlns="urn:mace:shibboleth:2.0:attribute:encoder"
+ name="urn:mace:dir:attribute-def:eduPersonPrincipalName" />
+
+ <resolver:AttributeEncoder xsi:type="SAML2ScopedString" xmlns="urn:mace:shibboleth:2.0:attribute:encoder"
+ name="urn:oid:1.3.6.1.4.1.5923.1.1.1.6" friendlyName="eduPersonPrincipalName" />
+ </resolver:AttributeDefinition>
+
+ <resolver:AttributeDefinition id="eduPersonScopedAffiliation" xsi:type="Scoped" xmlns="urn:mace:shibboleth:2.0:resolver:ad"
+ scope="example.org" sourceAttributeID="eduPersonAffiliation">
+ <resolver:Dependency ref="myLDAP" />
+
+ <resolver:AttributeEncoder xsi:type="SAML1ScopedString" xmlns="urn:mace:shibboleth:2.0:attribute:encoder"
+ name="urn:mace:dir:attribute-def:eduPersonScopedAffiliation" />
+
+ <resolver:AttributeEncoder xsi:type="SAML2ScopedString" xmlns="urn:mace:shibboleth:2.0:attribute:encoder"
+ name="urn:oid:1.3.6.1.4.1.5923.1.1.1.9" friendlyName="eduPersonScopedAffiliation" />
+ </resolver:AttributeDefinition>
+
+ <resolver:AttributeDefinition id="eduPersonTargetedID.old" xsi:type="Scoped" xmlns="urn:mace:shibboleth:2.0:resolver:ad"
+ scope="iay.org.uk" sourceAttributeID="computedID">
+ <resolver:Dependency ref="computedID" />
+
+ <resolver:AttributeEncoder xsi:type="SAML1ScopedString" xmlns="urn:mace:shibboleth:2.0:attribute:encoder"
+ name="urn:mace:dir:attribute-def:eduPersonTargetedID" />
+ </resolver:AttributeDefinition>
+
+ <resolver:AttributeDefinition id="eduPersonTargetedID" xsi:type="SAML2NameID" xmlns="urn:mace:shibboleth:2.0:resolver:ad"
+ nameIdFormat="urn:oasis:names:tc:SAML:2.0:nameid-format:persistent"
+ sourceAttributeID="computedID">
+ <resolver:Dependency ref="computedID" />
+
+ <resolver:AttributeEncoder xsi:type="SAML1XMLObject" xmlns="urn:mace:shibboleth:2.0:attribute:encoder"
+ name="urn:oid:1.3.6.1.4.1.5923.1.1.1.10" />
- <resolver:AttributeDefinition xsi:type="ad:Simple" id="email">
- <resolver:DataConnectorDependency ref="static" />
- </resolver:AttributeDefinition>
-
- <resolver:DataConnector xsi:type="dc:Static" id="static">
- <dc:Attribute id="uid">
- <dc:Value>testUser</dc:Value>
- </dc:Attribute>
- <dc:Attribute id="cn">
- <dc:Value>Test User</dc:Value>
- </dc:Attribute>
- <dc:Attribute id="email">
- <dc:Value>t.user@example.org</dc:Value>
- </dc:Attribute>
+ <resolver:AttributeEncoder xsi:type="SAML2XMLObject" xmlns="urn:mace:shibboleth:2.0:attribute:encoder"
+ name="urn:oid:1.3.6.1.4.1.5923.1.1.1.10" friendlyName="eduPersonTargetedID" />
+ </resolver:AttributeDefinition>
+ -->
+
+ <!-- Name Identifier related attributes -->
+ <resolver:AttributeDefinition id="transientId" xsi:type="TransientId" xmlns="urn:mace:shibboleth:2.0:resolver:ad">
+ <resolver:AttributeEncoder xsi:type="SAML1StringNameIdentifier" xmlns="urn:mace:shibboleth:2.0:attribute:encoder"
+ nameFormat="urn:mace:shibboleth:1.0:nameIdentifier" />
+
+ <resolver:AttributeEncoder xsi:type="SAML1StringNameIdentifier" xmlns="urn:mace:shibboleth:2.0:attribute:encoder"
+ nameFormat="urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified" />
+
+ <resolver:AttributeEncoder xsi:type="SAML2StringNameID" xmlns="urn:mace:shibboleth:2.0:attribute:encoder"
+ nameFormat="urn:oasis:names:tc:SAML:2.0:nameid-format:transient" />
+
+ <resolver:AttributeEncoder xsi:type="SAML2StringNameID" xmlns="urn:mace:shibboleth:2.0:attribute:encoder"
+ nameFormat="urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified" />
+ </resolver:AttributeDefinition>
+
+ <!-- ========================================== -->
+ <!-- Data Connectors -->
+ <!-- ========================================== -->
+
+ <!-- Example Static Connector -->
+ <!--
+ <resolver:DataConnector id="staticAttributes" xsi:type="Static" xmlns="urn:mace:shibboleth:2.0:resolver:dc">
+ <Attribute id="eduPersonAffiliation">
+ <Value>member</Value>
+ </Attribute>
+ <Attribute id="eduPersonEntitlement">
+ <Value>urn:example.org:entitlement:entitlement1</Value>
+ <Value>urn:mace:dir:entitlement:common-lib-terms</Value>
+ </Attribute>
+ </resolver:DataConnector>
+ -->
+
+ <!-- Example Relational Database Connector -->
+ <!--
+ <resolver:DataConnector id="mySIS" xsi:type="RelationalDatabase" xmlns="urn:mace:shibboleth:2.0:resolver:dc">
+ <ApplicationManagedConnection jdbcDriver="oracle.jdbc.driver.OracleDriver"
+ jdbcURL="jdbc:oracle:thin:@db.example.org:1521:SomeDB" jdbcUserName="myid" jdbcPassword="mypassword" />
+ <QueryTemplate>
+ <![CDATA[
+ SELECT * FROM student WHERE gzbtpid = $requestContext.principalName
+ ]]>
+ </QueryTemplate>
+
+ <Column columnName="gzbtpid" attributeID="uid" />
+ <Column columnName="fqlft" attributeID="gpa" type="Float" />
</resolver:DataConnector>
+ -->
+
+ <!-- Example LDAP Connector -->
+ <!--
+ <resolver:DataConnector id="myLDAP" xsi:type="LDAPDirectory" xmlns="urn:mace:shibboleth:2.0:resolver:dc"
+ ldapURL="ldap://ldap.example.org" baseDN="ou=people,dc=example,dc=org" principal="uid=myservice,ou=system"
+ principalCredential="myServicePassword">
+ <FilterTemplate>
+ <![CDATA[
+ (uid=$requestContext.principalName)
+ ]]>
+ </FilterTemplate>
+ </resolver:DataConnector>
+ -->
- <resolver:PrincipalConnector xsi:type="pc:Direct"
- id="directPC"
- nameIDFormat="urn:oasis:names:tc:SAML:1.0:nameid-format:unspecified" />
+ <!-- Computed targeted ID connector -->
+ <!--
+ <resolver:DataConnector xsi:type="ComputedId" xmlns="urn:mace:shibboleth:2.0:resolver:dc"
+ id="computedID"
+ generatedAttributeID="computedID"
+ sourceAttributeID="uid"
+ salt="your random string here">
+ <resolver:Dependency ref="myLDAP" />
+ </resolver:DataConnector>
+ -->
+
+ <!-- ========================================== -->
+ <!-- Principal Connectors -->
+ <!-- ========================================== -->
+ <resolver:PrincipalConnector xsi:type="Transient" xmlns="urn:mace:shibboleth:2.0:resolver:pc" id="shibTransient"
+ nameIDFormat="urn:mace:shibboleth:1.0:nameIdentifier" />
+
+ <resolver:PrincipalConnector xsi:type="Transient" xmlns="urn:mace:shibboleth:2.0:resolver:pc" id="saml1Unspec"
+ nameIDFormat="urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified" />
+
+ <resolver:PrincipalConnector xsi:type="Transient" xmlns="urn:mace:shibboleth:2.0:resolver:pc" id="saml2Transient"
+ nameIDFormat="urn:oasis:names:tc:SAML:2.0:nameid-format:transient" />
</AttributeResolver>
\ No newline at end of file
projects / java-idp.git / blobdiff