...
- Värden för eduPersonScopedAffiliation följer användningen i SWAMID enlig ovan.
- Alla medlemmar i gruppen "Anstallda" får
member@hogskola.se
ochemployee@hogskola.se
.member@domän
ochemployee@domän
. - Alla medlemmar i gruppen "Studenter" får
member@hogskola.se
ochstudent@hogskola.se
.member@domän
ochstudent@domän
. - Alla medlemmar i gruppen "OvrigaMedlemmar" får
member@hogskola.se
member@domän
. - Alla medlemmar i gruppen "Alumner" får
alumn@hogskola.se
alumn@domän
.
Känd begränsning:
Grupper i grupper fungerar inte.
Code Block <resolver:AttributeDefinition xsi:type="Simple" xmlns="urn:mace:shibboleth:2.0:resolver:ad" id="memberOf" dependencyOnly="true"> <resolver:Dependency ref="myLDAP" /> </resolver:AttributeDefinition> <resolver:AttributeDefinition xsi:type="Script" xmlns="urn:mace:shibboleth:2.0:resolver:ad" id="eduPersonScopedAffiliation"> <!-- Dependency that provides the source attribute. --> <resolver:Dependency ref="memberOf" /> <!-- SAML 1 and 2 encoders for the attribute. --> <resolver:AttributeEncoder xsi:type="SAML1String" xmlns="urn:mace:shibboleth:2.0:attribute:encoder" name="urn:mace:dir:attribute-def:eduPersonScopedAffiliation" /> <resolver:AttributeEncoder xsi:type="SAML2String" xmlns="urn:mace:shibboleth:2.0:attribute:encoder" name="urn:oid:1.3.6.1.4.1.5923.1.1.1.9" friendlyName="eduPersonScopedAffiliation" /> <!-- The script, wrapped in a CDATA section so that special XML characters don't need to be removed --> <Script><![CDATA[ importPackage(Packages.edu.internet2.middleware.shibboleth.common.attribute.provider); // Create attribute to be returned from definition eduPersonAffiliation = new BasicAttribute("eduPersonScopedAffiliation"); // If the user has group membership if (typeof memberOf != "undefined" && memberOf != null ){ // The go through each group membership and add the appropriate affiliation // The IdP will remove duplicate values so we don't need to worry about that here for ( i = 0; i < memberOf.getValues().size(); i++ ){ if (memberOf.getValues().get(i).equals("Anstallda")){ eduPersonAffiliation.getValues().add("member@hogskola.se"); eduPersonAffiliation.getValues().add("employee@hogskola.se"); } if (memberOf.getValues().get(i).equals("Studenter")){ eduPersonAffiliation.getValues().add("member@hogskola.se"); eduPersonAffiliation.getValues().add("student@hogskola.se"); } if (memberOf.getValues().get(i).equals("OvrigaMedlemmar")){ eduPersonAffiliation.getValues().add("member@hogskola.se"); } if (memberOf.getValues().get(i).equals("Alumner") > 0){ eduPersonAffiliation.getValues().add("alumn@hogskola.se"); } } } ]]></Script> </resolver:AttributeDefinition>