schac attributes in attributes-resolver configuration


Okolie C. Cletus

Nov 19, 2015, 1:02:27 PM
to SimpleSAMLphp
Hello,
I am working on an IdP for my REN. My attribute-resolver is not displaying the friendlyNames for my schac attributes; rather, it returns the OID numbers. I am not sure what the problem is, because the other attributes are fine.

Please, any clues to help me resolve this problem?

This is what my configuration looks like:

<resolver:AttributeDefinition xsi:type="ad:Simple" id="schacPlaceOfBirth" sourceAttributeID="schacPlaceOfBirth">
        <resolver:Dependency ref="myLDAP" />
        <resolver:AttributeEncoder xsi:type="enc:SAML1String" name="urn:mace:terena.org:attribute-def:schacPlaceOfBirth" />
        <resolver:AttributeEncoder xsi:type="enc:SAML2String" name="urn:oid:1.3.6.1.4.1.25178.1.2.4" friendlyName="schacPlaceOfBirth" />
    </resolver:AttributeDefinition>



This is the output when queried:
[urn:oid:1.3.6.1.4.1.7135.1.2.1.32] B.Sc. Ing\xc3\xa9nieur Conception
[urn:oid:1.3.6.1.4.1.25178.1.2.2] 2
[urn:oid:1.3.6.1.4.1.7135.1.2.1.25] 2015
[urn:oid:1.3.6.1.4.1.25178.1.2.3] 19901001
[urn:oid:1.3.6.1.4.1.1466.115.121.1.15] SN
[uid] test
[eduPersonPrincipalName] te...@example.com
[eduPersonPrimaryAffiliation] test
[sn] testing


Thanks
Cletus

Peter Schober

Nov 21, 2015, 1:05:33 PM
to SimpleSAMLphp
* Okolie C. Cletus <oko...@gmail.com> [2015-11-19 19:02]:
> I am working on an IdP for my REN . My attribute-resolver is not displaying
> the friendlyNames for my schac attributes rather it returns the oid
> numbers. Am not sure what the problem is because the other attributes are
> fine.
[...]
> <resolver:AttributeDefinition xsi:type="ad:Simple" id="schacPlaceOfBirth"
> sourceAttributeID="schacPlaceOfBirth">

That's a Shibboleth IDP configuration snippet, and it's fine, AFAICT
(if you got the OID right, which I didn't check).

> This is the output when queried
> [urn:oid:1.3.6.1.4.1.7135.1.2.1.32] B.Sc. Ing\xc3\xa9nieur Conception
> [urn:oid:1.3.6.1.4.1.25178.1.2.2] 2
> [urn:oid:1.3.6.1.4.1.7135.1.2.1.25] 2015
> [urn:oid:1.3.6.1.4.1.25178.1.2.3] 19901001
> [urn:oid:1.3.6.1.4.1.1466.115.121.1.15] SN
> [uid] test
> [eduPersonPrincipalName] te...@example.com
> [eduPersonPrimaryAffiliation] test
> [sn] testing

That's likely the display on some SimpleSAMLphp SAML SP, which is
lacking some SCHAC-defined attributes in its oid2name attributemap
(cf. attributemap/oid2name.php for example; the copy I have on disk
only has entries for schacHomeOrganization and
schacPersonalUniqueCode, it seems).

OIDs under 1.3.6.1.4.1.7135. are your own (CRU), of course, so the SSP
software distribution cannot know "friendlier" names for those by
default. You'd have to add those yourself.

So the IDP is Doing The Right Thing and the SP is merely missing
entries to turn those formal attribute names into locally more useful
names.
-peter
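
The SP-side fix described in the reply above, as an added example that is not part of the thread or of the SimpleSAMLphp distribution: a local OID-to-name map for the missing SCHAC attributes, plus a check that reports which received names are still unmapped. Assumptions: the map file name `schac_local` is hypothetical, the names for OIDs ending in .1.2.2 and .1.2.3 come from the SCHAC schema rather than from the thread, and the local 1.3.6.1.4.1.7135 OID is left unmapped because its name is not given here.

```php
<?php
// Added example, not SimpleSAMLphp's own code.
// In a real SP this array would be the content of a map file under
// attributemap/ (the file name schac_local.php is hypothetical), loaded with:
//   50 => array('class' => 'core:AttributeMap', 'oid2name', 'schac_local'),
$attributemap = array(
    'urn:oid:1.3.6.1.4.1.25178.1.2.2' => 'schacGender',
    'urn:oid:1.3.6.1.4.1.25178.1.2.3' => 'schacDateOfBirth',
    'urn:oid:1.3.6.1.4.1.25178.1.2.4' => 'schacPlaceOfBirth',
);

// Simplified stand-in for what a name map does:
// rename known keys, pass everything else through unchanged.
function applyAttributeMap(array $attributes, array $map)
{
    $out = array();
    foreach ($attributes as $name => $values) {
        $target = isset($map[$name]) ? $map[$name] : $name;
        $out[$target] = isset($out[$target])
            ? array_merge($out[$target], $values)
            : $values;
    }
    return $out;
}

// Names still in urn:oid: form after mapping are the entries the map lacks.
function unmappedOids(array $attributes)
{
    $names = array_filter(array_keys($attributes), function ($name) {
        return strpos($name, 'urn:oid:') === 0;
    });
    return array_values($names);
}

// Constructed sample, modelled on the output quoted in the thread.
$received = array(
    'urn:oid:1.3.6.1.4.1.7135.1.2.1.25' => array('2015'),
    'urn:oid:1.3.6.1.4.1.25178.1.2.2'   => array('2'),
    'urn:oid:1.3.6.1.4.1.25178.1.2.3'   => array('19901001'),
    'uid'                               => array('test'),
);

$mapped = applyAttributeMap($received, $attributemap);
foreach ($mapped as $name => $values) {
    echo '[' . $name . '] ' . implode(', ', $values) . "\n";
}
foreach (unmappedOids($mapped) as $oid) {
    echo "no friendly name configured for $oid\n";
}
```

Any authorization or provisioning rule on the SP that keys on a friendly name will not see a value delivered under an unmapped `urn:oid:` name, so the unmapped report is worth checking whenever the IdP releases a new attribute.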