The mailing list for users of the eduroam Configuration Assistant Tool (CAT)

[Arthur Petrosyan <arthur AT sci.am>]

Dear Colleagues,

Could anyone help me to correct our IdP configuration (Shibboleth 2.4.4) to
properly release attribute "urn:oid:1.3.6.1.4.1.5923.1.1.1.10" (eduPersonTargetedID)

Below the related part of our 'attribute-resolver.xml'

--------------
  <resolver:AttributeDefinition xsi:type="ad:SAML2NameID" id="eduPersonTargetedID" nameIdFormat="urn:oasis:names:tc:SAML:2.0:nameid-format:persistent" sourceAttributeID="computedID">
        <resolver:Dependency ref="myLDAP" />
        <resolver:AttributeEncoder xsi:type="enc:SAML1XMLObject" name="urn:oid:1.3.6.1.4.1.5923.1.1.1.10" />
        <resolver:AttributeEncoder xsi:type="enc:SAML2XMLObject" name="urn:oid:1.3.6.1.4.1.5923.1.1.1.10" friendlyName="eduPersonTargetedID" />
   </resolver:AttributeDefinition>
--------------

With such config, for example, I can't login to CAT. It says:

		Caused by: SimpleSAML_Error_Exception: This service needs at least one of the following
		attributes to identity users: eduPersonTargetedID, facebook_targetedID, google_eppn, linkedin_targetedID, twitter_targetedID. Unfortunately not
		one of them was detected. Please ask your institution administrator to release one of them, or try using another identity provider.

Where is the error?

Can anyone share his example config?

Thanks in advance.

-- 
Regards,
Arthur Petrosyan

| Dr. Arthur Petrosyan
| --------------------------------------------------------
| Senior Scientific Researcher, Head of Network and Cloud Services Direction,
| Deputy Head of Computational and Cognitive Networks Department at the
| Institute for Informatics and Automation Problems /IIAP/
| National Academy of Sciences of Armenia /NAS RA/,
| Academic Scientific Research Computer Network of Armenia /ASNET-AM/
| HTTP://www.asnet.am/   E-mail: arthur AT sci.am
| Phone:  +37410 526742  Fax:    +37410 569281
| --------------------------------------------------------