Shibboleth Developers

["Rieger, Sebastian" <>]

Hi,

we're working on an IdP proxy implementation for the Max-Planck-Society in
Germany. The proxy allows the users to login at their local institutes Shib1
or Shib2 IdP. The authentication und authorization works fine! but from
scoped attributes of the institutes IdPs we get only the values. We do the
following...


Iterator<String> attributesValues = samlAttribute.getValues();
                
String name = attributeName.substring(attributeName.lastIndexOf(":")+1);
Attribute attribute = new BasicAttribute(name);
while(attributesValues.hasNext())
{
        String value = attributesValues.next();
        attribute.add(value);
        log.debug("AttributeID: "+attribute.getID()+" Value: "+value);
}
attributeList.add(attribute);


We want to get the Scope not the value, to concatenate both 
(value@scope)
and use prescoped attribute definitions in our resolver at the Proxy. I
dindn't find any methods to get the Scope in the IdP source. A collegue
found some interfaces in shib-common, though. What whould be the appropriate
way to get the scope? or do we need to parse the SAMLAttribute and get the
scope via XPATH - I'd like not to go for this custom hack... ;)

Thanks in advance for any hints!

MfG

Sebastian Rieger

--
Dr. Sebastian Rieger
Gesellschaft für wissenschaftliche Datenverarbeitung mbH Göttingen 
Am Fassberg - 37077 Göttingen
Fon: +49 551 201 1878 -- Fax: +49 551 201 2150

Geschäftsführer: Prof. Dr. Bernhard Neumair
Aufsichtsratsvorsitzender: Prof. Dr. Christian Griesinger
Sitz der Gesellschaft: Göttingen
Registergericht: Göttingen
Handelsregister-Nr. B 598

Die digitale Unterschrift dieser Mail kann anhand des Zertifikats des DFN
überprüft werden:
https://ca.gwdg.de/certs/root-DGP/deutsche-telekom-ca2-root-cert.der

Attachment: smime.p7s
Description: S/MIME cryptographic signature