A problem with attributes NameFormat

[Marco MaLa]

Hi,

I am Marco Malavolti, I'm an italian boy and I'm trying to use your
fantastic simplesamlphp. It's a beautiful software!

I have a problem...

I have configured the SSP as a SP that receive saml assertions from a
Shibboleth 2.x IdP.

Its assertions are:

<saml2:Attribute FriendlyName="uid" Name="urn:oid:
0.9.2342.19200300.100.1.1" NameFormat="urn:oasis:names:tc:SAML:
2.0:attrname-format:uri">
<saml2:AttributeValue xmlns:xsi="http://www.w3.org/2001/XMLSchema-
instance" xsi:type="xs:string">mmalavol</saml2:AttributeValue>
</saml2:Attribute>


but my "Saml 2.0 SP Demo" page show me only the attributes with the
urn:oid (the shib13 NameFormat).

How I can resolve it?

Thank You!

Kind Regards,

Marco

[Olav Morken]

No, urn:oid: is the new format. The old format would be starting with
urn:mace:. See the MACE-Dir SAML Attribute Profile for more
information:

http://middleware.internet2.edu/dir/docs/internet2-mace-dir-saml-attributes-200804.pdf

> How I can resolve it?

I assume that you would like to have attributes named "uid" and such
instead? In that case you can map them from OIDs to normal attributes
by adding the 'core:AttributeMap filter to your SP configuration in
config/authsources.php:

'default-sp' => array(
[...],
'authproc' => array(
50 => array(
'class' => 'core:AttributeMap',
'oid2name',
),
),
),

Best regards,
Olav Morken
UNINETT / Feide