grouper-users - Re: [grouper-users] Scoped eppn question
Subject: Grouper Users - Open Discussion List
List archive
- From: Scott Koranda <>
- To: "Hyzer, Chris" <>
- Cc: Bryan Wooten <>, "" <>
- Subject: Re: [grouper-users] Scoped eppn question
- Date: Mon, 13 Jan 2020 16:48:51 -0600
> 4. -or- do SP-foo which validates the scope is correct and the Idp
> is correct (if federated) and strip off the scope before putting it
> in REMOTE_USER
Since the Shibboleth SP will by default verify that the scope on an ePPN
is correct (assuming you have not significantly changed the
configuration or done odd things with your SAML metadata), you can
"strip off" the scope using a TransformAttributeResolver:
https://wiki.shibboleth.net/confluence/display/SP3/TransformAttributeResolver
HTH,
Scott K
- [grouper-users] Scoped eppn question, Bryan Wooten, 01/13/2020
- Re: [grouper-users] Scoped eppn question, Greg Haverkamp, 01/13/2020
- RE: [grouper-users] Scoped eppn question, Hyzer, Chris, 01/13/2020
- Re: [grouper-users] Scoped eppn question, Scott Koranda, 01/13/2020
Archive powered by MHonArc 2.6.19.