Uploaded image for project: 'Identity Provider'
  1. Identity Provider
  2. IDP-926

Support a general PrincipalDataConnector.

    XMLWordPrintable

    Details

    • Type: Improvement
    • Status: Resolved
    • Priority: Major
    • Resolution: Fixed
    • Affects Version/s: None
    • Fix Version/s: 4.0.0
    • Component/s: Authentication
    • Labels:
      None

      Description

      http://shibboleth.1660669.n2.nabble.com/Re-Extracting-Values-from-a-Custom-Principal-td7622962.html

      <resolver:DataConnector xsi:type="dc:Subject" xmlns="urn:mace:shibboleth:2.0:resolver:dc"
      id="subject_extract"
      principalClass="customPrincipalClass"
      resultPrefix=""
      includeEncoders=false
      attributes = "uid cn sn">
      <ReturnAttributes>ATTRIBUTE_1 ATTRIBUTE_2 ATTRIBUTE_3</ReturnAttributes>
      </resolver:DataConnector>

      Open Questions:

      1) Should support including encoders - so you don't have to duplicate code for attaching them in attribute resolver, if they are already there.
      2) How to deal with attribute prefixes and encoders - I vote don't change the encoder to include a prefix use it as - just let the user decide whether to release the encoders or not.
      3) How should this work with vanilla principals like X509Principal? Just call getName and require the user to name the return attribute?
      4) Should it support extracting multiple attributes per principal? The use case for this is if the blob is a large value like a encoded certificate - you might not want to extract every possible value every time and let the user choose in the attribute_resolver if they need the value extracted or not on a per SP basis.

        Attachments

          Issue Links

            Activity

              People

              Assignee:
              cantor.2@osu.edu Scott Cantor
              Reporter:
              cneberg@idp.protectnetwork.org cneberg@idp.protectnetwork.org
              Watchers:
              3 Start watching this issue

                Dates

                Created:
                Updated:
                Resolved:

                  Time Tracking

                  Estimated:
                  Original Estimate - 0 minutes
                  0m
                  Remaining:
                  Remaining Estimate - 0 minutes
                  0m
                  Logged:
                  Time Spent - 2 hours, 15 minutes
                  2h 15m