Versions Compared

Old Version 21

changes.mady.by.user Pål Axelsson

Saved on

compared with

New Version 22

changes.mady.by.user Pål Axelsson

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

Info
titleUppgradering till version 5

Vid uppgradering till Shibboleth Identity Provider till version 5 måste en javaskriptmotor installeras eftersom nyare versioner av Java inte innehåller någon sådan motor. Se Nashorn - Identity Provider Plugins - Confluence (atlassian.net) för mer information. Vidare måste xsi:type="Script" i attributdefinitionen bytas mot xsi:type="ScriptedAttribute"


Code Block
<resolver:AttributeDefinition xsi:type="ScriptedAttribute" id="eduPersonAffiliation">
     <resolver:Dependency ref="myLDAP" />
    <resolver:AttributeEncoder xsi:type="enc:SAML1String" name="urn:mace:dir:attribute-def:eduPersonAffiliation" />
    <resolver:AttributeEncoder xsi:type="enc:SAML2String" name="urn:oid:1.3.6.1.4.1.5923.1.1.1.1" friendlyName="eduPersonAffiliation" />
    <!-- The script, wrapped in a CDATA section so that special XML characters don't need to be removed -->
    <Script><![CDATA[
        // If the user has group membership
        if (typeof memberOf != "undefined" && memberOf != null ){
            // The go through each group membership and add the appropriate affiliation
            // The IdP will remove duplicate values so we don't need to worry about that here
            for ( i = 0; i < memberOf.getValues().size(); i++ ) {
                if (memberOf.getValues().get(i).equals("Anstallda") > 0) {
                    eduPersonAffiliation.getValues().add("member");
                    eduPersonAffiliation.getValues().add("employee");
                }
                if (memberOf.getValues().get(i).equals("Studenter") > 0) {
                    eduPersonAffiliation.getValues().add("member");
                    eduPersonAffiliation.getValues().add("student");
                }
                if (memberOf.getValues().get(i).equals("OvrigaMedlemmar") > 0) {
                    eduPersonAffiliation.getValues().add("member");
                }
                if (memberOf.getValues().get(i).equals("Anknytna") > 0) {
                    eduPersonAffiliation.getValues().add("affiliate");
                }
                if (memberOf.getValues().get(i).equals("Alumner") > 0) {
                    eduPersonAffiliation.getValues().add("alum");
                }
            }
        }
    ]]></Script>
</resolver:AttributeDefinition>

 <resolver:AttributeDefinition xsi:type="ad:Scoped" id="eduPersonScopedAffiliation" scope="--domän--" sourceAttributeID="eduPersonAffiliation">
    <resolver:Dependency ref="eduPersonAffiliation" />
    <resolver:AttributeEncoder xsi:type="enc:SAML1ScopedString" name="urn:mace:dir:attribute-def:eduPersonScopedAffiliation" />
    <resolver:AttributeEncoder xsi:type="enc:SAML2ScopedString" name="urn:oid:1.3.6.1.4.1.5923.1.1.1.9" friendlyName="eduPersonScopedAffiliation" />
</resolver:AttributeDefinition>