Features - SAML dynamic/custom attributes
36 views
Skip to first unread message
Salvo Rapisarda
Feb 18, 2016, 5:45:16 AM2/18/16
to privacyidea
Hi,
We are using privacyIDEA with SimpleSAMLphp for create a federated authentication platform.
We noticed that the function samlcheck() in /api/validate.py returns a fixed set of attributes.
It would be useful for us to customize this set and return other attributes from user resolver (for example, roomNumber or departmentNumber).
What do you think about ?
Salvo.
Cornelius Kölbel
Feb 18, 2016, 10:54:52 AM2/18/16
to privacyidea
Hello Salvo,
This is a good idea and I think 90% of the task is already done.
If you take a look at the getUserInfo of the ldap resolver you will see, that you can map any field you like to.
This way you can "invent" new fields in privacyidea and map these to ldap attributes.
Maybe in samlcheck we should return all available keys of the user.info dictionary.
Kind regards
Cornelius
Cornelius Kölbel
+49 151 2960 1417
NetKnights GmbH
Landgraf-Karl-Str. 19, 34131 Kassel, Germany
Tel: +49 561 3166797, Fax: +49 561 3166798
Amtsgericht Kassel, HRB 16405
Geschäftsführer: Cornelius Kölbel
-------- Ursprüngliche Nachricht --------
Von: Salvo Rapisarda <sdrap...@gmail.com>
Datum: 18.02.2016 11:45 (GMT+01:00)
An: privacyidea <priva...@googlegroups.com>
Betreff: [privacyidea] Features - SAML dynamic/custom attributes
--
Please read the blog post about getting help
https://www.privacyidea.org/getting-help/.
For professional services and consultancy regarding two factor authentication please visit
https://netknights.it/en/leistungen/one-time-services/
In an enterprise environment you should get a SERVICE LEVEL AGREEMENT which suites your needs for SECURITY, AVAILABILITY and LIABILITY:
https://netknights.it/en/leistungen/service-level-agreements/
---
You received this message because you are subscribed to the Google Groups "privacyidea" group.
To unsubscribe from this group and stop receiving emails from it, send an email to privacyidea...@googlegroups.com.
To post to this group, send email to priva...@googlegroups.com.
Visit this group at https://groups.google.com/group/privacyidea.
To view this discussion on the web visit https://groups.google.com/d/msgid/privacyidea/4defb9b9-9694-433a-81fc-7ad39ec8d1c6%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.
Please read the blog post about getting help
https://www.privacyidea.org/getting-help/.
For professional services and consultancy regarding two factor authentication please visit
https://netknights.it/en/leistungen/one-time-services/
In an enterprise environment you should get a SERVICE LEVEL AGREEMENT which suites your needs for SECURITY, AVAILABILITY and LIABILITY:
https://netknights.it/en/leistungen/service-level-agreements/
---
You received this message because you are subscribed to the Google Groups "privacyidea" group.
To unsubscribe from this group and stop receiving emails from it, send an email to privacyidea...@googlegroups.com.
To post to this group, send email to priva...@googlegroups.com.
Visit this group at https://groups.google.com/group/privacyidea.
To view this discussion on the web visit https://groups.google.com/d/msgid/privacyidea/4defb9b9-9694-433a-81fc-7ad39ec8d1c6%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.
Salvo Rapisarda
Feb 18, 2016, 10:58:08 AM2/18/16
to privacyidea
Will be perfect!
Thx
Cornelius Kölbel
Feb 24, 2016, 1:17:44 PM2/24/16
to privacyidea
Hi Salvo,
the corresponding issue was closed today.
The feature is in github and will be in 2.11.
Kind regards
Cornelius
Reply all
Reply to author
Forward
0 new messages