Receiving the 'eduPersonUniqueId' attribute
25 views
Skip to first unread message
Juan Manuel Palacios
Aug 21, 2017, 7:44:41 PM8/21/17
to SimpleSAMLphp, Vincent Thomasino
Hi,
I'm about to perform an integration with an IdP that will be sending me the 'eduPersonUniqueId' attribute, which maps to urn:oid:1.3.6.1.4.1.5923.1.1.1.13. My problem is that, if I'm not mistaken, support for that attribute/urn was introduced into the SimpleSAMLphp code base in commit f2644710d848d7ebc3ed3b5ae0e86d734af98b5d, which only exists in the master branch and not in simplesamlphp-1.14 from which releases are currently being cut (I'm on the latest 1.14.15).
So my question is whether my SimpleSAMLphp deployment will be able to transform that attribute even if it's not in its attributemap/name2oid.php file... or are the contents there being used only for documentation purposes? And if I indeed have to patch my deployment to support transforming that attribute, do I only have to back port commit f2644710d848d7ebc3ed3b5ae0e86d734af98b5d? Or do I also have to do something else?
Thanks for the help!
Juan Palacios
Senior Software Architect
135 W. 26th St |12th Fl | NY, NY 10001
4th Kognito Simulation Added to SAMHSA's National Registry of Evidence-Based Programs and Practices. Learn more
Connect with us!
Thijs Kinkhorst
Aug 22, 2017, 1:26:07 AM8/22/17
to simple...@googlegroups.com
Hi Juan,
On 22-08-17 01:44, Juan Manuel Palacios wrote:
> I'm about to perform an integration with an IdP that will be sending me
> the 'eduPersonUniqueId' attribute, which maps to
> urn:oid:1.3.6.1.4.1.5923.1.1.1.13. My problem is that, if I'm not
> mistaken, support for that attribute/urn was introduced into the
> SimpleSAMLphp code base in commit
> f2644710d848d7ebc3ed3b5ae0e86d734af98b5d
> <https://github.com/simplesamlphp/simplesamlphp/commit/f2644710d848d7ebc3ed3b5ae0e86d734af98b5d>,
configuration files that you can change. You can apply the mappings via
the core:AttributeMap authentication processing filter.
See: https://simplesamlphp.org/docs/stable/core:authproc_attributemap
The second example uses the shipped name2oid map. You can change that
map to add the new attribute, or you can specify any name there of a
separate file that contains your own mappings.
Cheers,
Thijs
On 22-08-17 01:44, Juan Manuel Palacios wrote:
> I'm about to perform an integration with an IdP that will be sending me
> the 'eduPersonUniqueId' attribute, which maps to
> urn:oid:1.3.6.1.4.1.5923.1.1.1.13. My problem is that, if I'm not
> mistaken, support for that attribute/urn was introduced into the
> SimpleSAMLphp code base in commit
> f2644710d848d7ebc3ed3b5ae0e86d734af98b5d
> which only exists in the master branch and not in simplesamlphp-1.14
> from which releases are currently being cut (I'm on the latest 1.14.15).
>
> So my question is whether my SimpleSAMLphp deployment will be able to
> transform that attribute even if it's not in its
> attributemap/name2oid.php file... or are the contents there being used
> only for documentation purposes? And if I indeed have to patch my
> deployment to support transforming that attribute, do I only have to
> back port commit f2644710d848d7ebc3ed3b5ae0e86d734af98b5d? Or do I also
> have to do something else?
The shipped attribute maps are just defaults and I would consider them
> from which releases are currently being cut (I'm on the latest 1.14.15).
>
> So my question is whether my SimpleSAMLphp deployment will be able to
> transform that attribute even if it's not in its
> attributemap/name2oid.php file... or are the contents there being used
> only for documentation purposes? And if I indeed have to patch my
> deployment to support transforming that attribute, do I only have to
> back port commit f2644710d848d7ebc3ed3b5ae0e86d734af98b5d? Or do I also
> have to do something else?
configuration files that you can change. You can apply the mappings via
the core:AttributeMap authentication processing filter.
See: https://simplesamlphp.org/docs/stable/core:authproc_attributemap
The second example uses the shipped name2oid map. You can change that
map to add the new attribute, or you can specify any name there of a
separate file that contains your own mappings.
Cheers,
Thijs
Reply all
Reply to author
Forward
0 new messages