如何在saml响应中传递friendlyname而不是urn:oid

时间:2018-03-22 12:39:36

标签: ldap saml saml-2.0 shibboleth simplesamlphp

我正在尝试从我的shibboleth idp向服务提供商发送saml响应

如何在saml响应中传递friendlyname而不是urn:oid?现在,我的saml响应包含urn:仅oid,

例如,' urn:oid:0.9.2342.19200300.100.1.6':' 106',

我需要传递的是一个名为" productid"随着这个回应,

' productid:' 106',

下面给出的

是我的attribute-resolver.xml,其中我已将friendlyName作为productid传递给roomNumber(urn:oid:0.9.2342.19200300.100.1.6)

<resolver:AttributeDefinition id="productid" xsi:type="ad:Simple" sourceAttributeID="roomNumber">
        <resolver:Dependency ref="myLDAP" />
        <resolver:AttributeEncoder xsi:type="enc:SAML1String" name="urn:mace:dir:attribute-def:roomNumber" encodeType="false" />
        <resolver:AttributeEncoder xsi:type="enc:SAML2String" name="urn:oid:0.9.2342.19200300.100.1.6" friendlyName="productid" encodeType="false" />
    </resolver:AttributeDefinition>

我能否对此有所了解?

1 个答案:

答案 0 :(得分:0)

根据doc for SAML2 String看起来你应该可以做到:

<resolver:AttributeDefinition id="productid" xsi:type="ad:Simple" sourceAttributeID="roomNumber">
        <resolver:Dependency ref="myLDAP" />
        <resolver:AttributeEncoder xsi:type="enc:SAML1String" name="urn:mace:dir:attribute-def:roomNumber" encodeType="false" />
        <resolver:AttributeEncoder xsi:type="enc:SAML2String" name="productid" friendlyName="productid" encodeType="false" />
</resolver:AttributeDefinition>

虽然您被鼓励make sure the attribute is unique by its scope

相关问题
最新问题