cat-users AT lists.geant.org

Subject: The mailing list for users of the eduroam Configuration Assistant Tool (CAT)

List archive

Re: [[cat-users]] Fixing IdP configuration (Shibboleth 2.4.4) to release 'eduPersonTargetedID'

From: Zenon Mousmoulas <zmousm AT noc.grnet.gr>
To: Arthur Petrosyan <arthur AT sci.am>
Cc: cat-users AT lists.geant.org
Subject: Re: [[cat-users]] Fixing IdP configuration (Shibboleth 2.4.4) to release 'eduPersonTargetedID'
Date: Wed, 22 Feb 2017 01:21:50 +0200
Authentication-results: prod-mail.geant.net (amavisd-new); dkim=pass (1024-bit key) header.d=noc.grnet.gr

Hi,

On 2017-02-21 21:49, Arthur Petrosyan wrote:

[...]
--------------
<resolver:AttributeDefinition xsi:type="ad:SAML2NameID"
id="eduPersonTargetedID"
nameIdFormat="urn:oasis:names:tc:SAML:2.0:nameid-format:persistent"
sourceAttributeID="computedID">
<resolver:Dependency ref="myLDAP" />
<resolver:AttributeEncoder xsi:type="enc:SAML1XMLObject"
name="urn:oid:1.3.6.1.4.1.5923.1.1.1.10" />
<resolver:AttributeEncoder xsi:type="enc:SAML2XMLObject"
name="urn:oid:1.3.6.1.4.1.5923.1.1.1.10"
friendlyName="eduPersonTargetedID" />
</resolver:AttributeDefinition>
--------------

I think you need to link the attribute definition to e.g. a ComputedId data connector:

https://wiki.shibboleth.net/confluence/display/IDP30/ComputedIdConnector

(And move the ldap dependency there.)

However you should look at your log for insight.

Regards,
Z.

Re: [[cat-users]] [[cat-devel]] Upgrade of SP authentication proxy for eduroam CAT and monitoring services - completed, (continued)