Skip to Content.
Sympa Menu

shibboleth-dev - RE: Custom Data Connector Example

Subject: Shibboleth Developers

List archive

RE: Custom Data Connector Example


Chronological Thread 
  • From: "Scott Cantor" <>
  • To: <>
  • Subject: RE: Custom Data Connector Example
  • Date: Tue, 12 Feb 2008 14:15:22 -0500
  • Organization: The Ohio State University

> Would anyone be willing to submit an example of a custom data connector
> for a Shibboleth 1.x IdP?

I think most people use scriptlets now. Mine predates them.

-- Scott

package edu.osu.oit.shibboleth.aa.attrresolv.provider;

import java.security.Principal;
import java.util.Iterator;
import java.util.regex.*;

import javax.naming.NamingEnumeration;
import javax.naming.NamingException;
import javax.naming.directory.Attribute;
import javax.naming.directory.Attributes;

import org.apache.log4j.Logger;
import org.w3c.dom.Element;

import edu.internet2.middleware.shibboleth.aa.attrresolv.*;
import edu.internet2.middleware.shibboleth.aa.attrresolv.provider.BaseAttributeDefinition;
import edu.internet2.middleware.shibboleth.aa.attrresolv.provider.ScopedStringValueHandler;

/**
 * 
 * Custom <code>AttributeDefinitionPlugIn</code> for eduPersonScopedAffiliation
 * 
 * @author Scott Cantor ()
 *
 */
public class AffiliationAttributeDefinition extends BaseAttributeDefinition {

    private static Logger log = Logger.getLogger(AffiliationAttributeDefinition.class.getName());
    private String smartScope;

	public AffiliationAttributeDefinition(Element e) throws ResolutionPlugInException {
        super(e);
        
        smartScope = e.getAttribute("smartScope");
        if (smartScope.equals(""))
            smartScope = null;
	}

	/**
	 * @see edu.internet2.middleware.shibboleth.aa.attrresolv.AttributeDefinitionPlugIn#resolve(edu.internet2.middleware.shibboleth.aa.attrresolv.ArpAttribute, java.security.Principal, java.lang.String, edu.internet2.middleware.shibboleth.aa.attrresolv.Dependencies)
	 */
	public void resolve(ResolverAttribute attribute, Principal principal, String provider, String requester, Dependencies depends)
		throws ResolutionPlugInException {

        if (smartScope != null) {
            attribute.registerValueHandler(new ScopedStringValueHandler(smartScope));
        }

        try {
            boolean member = false;
            boolean employee = false;
            boolean faculty = false;
            boolean staff = false;
            boolean student = false;

            Attributes attrs = depends.getConnectorResolution("account");
            Attribute affiliations = attrs.get("Affiliation");
            if (affiliations != null) {

                // Check for expiration.
                /*
                Attribute expiration = attrs.get("Expiration");
                Object val = (expiration != null) ? expiration.get(0) : null;
                if (val != null) {
                    if (System.currentTimeMillis() > 1000 * (Integer.valueOf(val.toString()).intValue())) {
                        // Expired, so no affiliations apply.
                        log.info("Account for principal (" + principal.getName() + ") expired, no affiliations apply");
                        return;
                    }
                }
                */

                // Affiliations are currently badly packed into a single column value.
                Object val = affiliations.get(0);
                if (val != null) {
                    Pattern p = Pattern.compile("[A-Z]+\\d");
                    Matcher m = p.matcher(val.toString());
                    while (m.find()) {
                        String code = m.group();
                        log.debug("Applying affiliation subcode (" + code + ") for principal (" + principal.getName() + ")");
                        switch (code.charAt(0)) {
                            case 'E':
                                member = employee = true;
                                break;

                            case 'S':
                                if (code.charAt(1) == '1')
                                    member = student = true;
                                break;

                            case 'G':
                                if (code.equals("GE1"))
                                    member = employee = true;
                                else if (code.equals("GS1"))
                                    member = student = true;
                        }
                    }
                }
            }

            attrs = depends.getConnectorResolution("appointment");
            if (attrs != null) {
                Attribute titlecode = attrs.get("title_grp_id_code");
                if (titlecode != null && titlecode.size() > 0) {
                    member = employee = true;
                    if (titlecode.contains("F"))
                        faculty = true;
                    else
                        staff = true;
                }
            }

            if (member)
                attribute.addValue("member");
            if (employee)
                attribute.addValue("employee");
            if (faculty)
                attribute.addValue("faculty");
            if (staff)
                attribute.addValue("staff");
            if (student)
                attribute.addValue("student");

            attribute.setResolved();
        }
        catch (NamingException e) {
            log.error(
                "An problem was encountered resolving the dependencies of attribute ("
                    + getId()
                    + "): "
                    + e);
            throw new ResolutionPlugInException(
                "An problem was encountered resolving the dependencies of attribute ("
                    + getId()
                    + "): "
                    + e);
        }
    }
}



Archive powered by MHonArc 2.6.16.

Top of Page