Hello,
I have
‘simplesaml.attributes’ => true,
‘attributes’ => array(‘displayName’,’uid’,’telephoneNumber’,’mail’),
in saml20-sp-remote.php and I have
'authproc' => array(
50 => array(
'class' => 'core:AttributeMap',
'uid' => 'uid',
'displayName' => 'displayName',
'telephoneNumber' => 'telephoneNumber',
'mail' => 'mail',
),
),
in saml20-idp-hosted.php, saml20-idp-remote.php and authsources.php.
In my Shib IdP log assertion has all the attributes in. But Shib SP side does not receive anything.
I used core:attributeCopy, core:attributeAdd, none of the descriptions seems to just do attribute release.
Thanks
Yi
Yes, Since this is my initial attribute releasing test, all the attributes are standard, released as OID, please see the log file at the bottom. I changed my metadata to
'authproc' => array(
50 => array(
'class' => 'core:AttributeLimit',
),
It is the same result, no attribute on Shibboleth SP side received
s:10:"Attributes";a:7:{s:33:"urn:oid:0.9.2342.19200300.100.1.1";a:1:{i:0;s:5:"yqian";}
s:32:"urn:oid:1.3.6.1.4.1.5923.1.1.1.1";a:3:{i:0;s:6:"Member";i:1;s:5:"Staff";i:2;s:8:"Employee";}
s:32:"urn:oid:1.3.6.1.4.1.5923.1.1.1.9";a:3:{i:0;s:13:"Mem...@ku.edu";i:1;s:12:"St...@ku.edu";i:2;s:15:"Empl...@ku.edu";}
s:16:"urn:oid:2.5.4.20";a:1:{i:0;s:15:"+1 785 864 0402";}
s:33:"urn:oid:0.9.2342.19200300.100.1.3";a:1:{i:0;s:12:"yq...@ku.edu";}
s:33:"urn:oid:1.3.6.1.4.1.5923.1.1.1.10";a:1:{i:0;O:11:"DOMNodeList":0:{}}
s:33:"urn:oid:2.16.840.1.113730.3.1.241";a:1:{i:0;s:7:"Yi Qian";}}
s:11:"LogoutState";a:4:{s:16:"saml:logout:Type";s:5:"saml2";
s:15:"saml:logout:IdP";s:46:"https://shibidptstwb1.cc.ku.edu/idp/shibboleth";
s:18:"saml:logout:NameID";a:4:
{s:5:"Value";s:256:"3G3IQKSV363W4LWA6LYDRKGDIBVTXQTA46T3EL6QQWMQXC5PRAQAAEVABXBSWQE7IUV5AEKQQUGITZE2KXOA7B7D6POTJJ5LYEQFETFRPVT3YQRVSZK73HJEIMFUYBL7KIQT3QSBNUNQERUZ3MFZGAJQPK34DRE5RYAGGJGJ3TODENAGDIWCIOJXJHA2KX7WVGW2YRQCKGCPPMBGLOWDWTSGRYUCIIKKTCVO2QLKJFQ3DVPAMPZUU2XCNUGMWDTE";
s:13:"NameQualifier";s:46:"https://shibidptstwb1.cc.ku.edu/idp/shibboleth";
s:15:"SPNameQualifier";s:41:"https://ssp-proxy.qa.ku.edu/simplesamlphp";
s:6:"Format";s:51:"urn:oasis:names:tc:SAML:2.0:nameid-format:transient";
}
s:24:"saml:logout:SessionIndex";s:33:"_e7a411d9cd683f893477fee1107f0cd7";}
s:14:"saml:sp:NameID";a:4:
{
s:5:"Value";s:256:"3G3IQKSV363W4LWA6LYDRKGDIBVTXQTA46T3EL6QQWMQXC5PRAQAAEVABXBSWQE7IUV5AEKQQUGITZE2KXOA7B7D6POTJJ5LYEQFETFRPVT3YQRVSZK73HJEIMFUYBL7KIQT3QSBNUNQERUZ3MFZGAJQPK34DRE5RYAGGJGJ3TODENAGDIWCIOJXJHA2KX7WVGW2YRQCKGCPPMBGLOWDWTSGRYUCIIKKTCVO2QLKJFQ3DVPAMPZUU2XCNUGMWDTE";
s:13:"NameQualifier";s:46:"https://shibidptstwb1.cc.ku.edu/idp/shibboleth";
s:15:"SPNameQualifier";s:41:"https://ssp-proxy.qa.ku.edu/simplesamlphp";
s:6:"Format";s:51:"urn:oasis:names:tc:SAML:2.0:nameid-format:transient";
}
s:9:"Authority";
s:10:"default-sp";
s:12:"AuthnInstant";i:1481555672;
s:6:"Expire";i:1481584472;
s:13:"RawAttributes";a:1:
{s:33:"urn:oid:1.3.6.1.4.1.5923.1.1.1.10";a:1:
{i:0;C:29:"SAML2\XML\saml\AttributeValue":446:
{s:437:"
<saml2:AttributeValue xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xs="http://www.w3.org/2001/XMLSchema">
<saml2:NameID Format="urn:oasis:names:tc:SAML:2.0:nameid-format:persistent"
NameQualifier="https://shibidptstwb1.cc.ku.edu/idp/shibboleth"
SPNameQualifier="https://ssp-proxy.qa.ku.edu/simplesamlphp">
hd1lx7xRl6UWtF6EVIUxcj49ObU=
</saml2:NameID>
</saml2:AttributeValue>";