shibboleth-dev - Re: [Shib-Dev] attribute-encoder.xml
Subject: Shibboleth Developers
List archive
- From: "Kevin P. Foote" <>
- To:
- Subject: Re: [Shib-Dev] attribute-encoder.xml
- Date: Tue, 2 Feb 2010 16:51:30 -0500 (EST)
+1
Would make resolver tons less cluttered.
Also like Etan's suggestion of enabling both ways.
------
thanks
kevin.foote
On Tue, 2 Feb 2010, Nate Klingenstein wrote:
-> Shibbolizers,
->
-> An idea struck me while trolling through another attribute-resolver.xml
file
-> and talking to Chad. Would it be better if attribute encoders were
-> maintained in a separate file, like attribute filters?
->
-> There's a lot of visual clutter that is added by the inclusion of the
-> attribute encoders in the middle of attribute definitions. They're very
-> rarely changed by deployers (though new ones are added), while other parts
of
-> the resolver file, such as data connector dependencies, would be changed
more
-> often. Furthermore, they're a distinct part of the attribute system,
though,
-> and are only used later in the process, outside of the resolver itself.
->
-> I'd really like to see the encoders placed into a separate
-> attribute-encoder.xml file. An attribute definition would then look
-> like(though the syntax might be further collapsible):
->
-> <resolver:AttributeDefinition id="uid" xsi:type="Simple"
-> xmlns="urn:mace:shibboleth:2.0:resolver:ad"
-> sourceAttributeID="uid">
-> <resolver:Dependency ref="myLDAP" />
-> </resolver:AttributeDefinition>
->
-> and the corresponding part of attribute-encoder.xml would look like:
->
-> <AttributeEncoder attributeID="uid">
->
-> <resolver:AttributeEncoder xsi:type="SAML1String"
-> xmlns="urn:mace:shibboleth:2.0:attribute:encoder"
-> name="urn:mace:dir:attribute-def:uid" />
->
-> <resolver:AttributeEncoder xsi:type="SAML2String"
-> xmlns="urn:mace:shibboleth:2.0:attribute:encoder"
-> name="urn:oid:0.9.2342.19200300.100.1.1" friendlyName="uid" />
->
-> </AttributeEncoder>
->
-> I'd also like the attribute-encoder.xml defaults to be uncommented in the
-> distribution. Since the corresponding attributes are already commented
out,
-> I can't see any harm from doing so, but it would make the IdP more
-> approachable to deployers.
->
-> Anyone in favor or against?
-> Nate.
- attribute-encoder.xml?, Nate Klingenstein, 02/02/2010
- RE: [Shib-Dev] attribute-encoder.xml?, Etan Weintraub, 02/02/2010
- Re: [Shib-Dev] attribute-encoder.xml?, Chad La Joie, 02/02/2010
- RE: [Shib-Dev] attribute-encoder.xml?, Etan Weintraub, 02/02/2010
- RE: [Shib-Dev] attribute-encoder.xml?, Scott Cantor, 02/02/2010
- Re: [Shib-Dev] attribute-encoder.xml?, Leif Johansson, 02/03/2010
- Re: [Shib-Dev] attribute-encoder.xml?, Chad La Joie, 02/03/2010
- Re: [Shib-Dev] attribute-encoder.xml?, Leif Johansson, 02/03/2010
- RE: [Shib-Dev] attribute-encoder.xml?, Scott Cantor, 02/02/2010
- RE: [Shib-Dev] attribute-encoder.xml?, Etan Weintraub, 02/02/2010
- Re: [Shib-Dev] attribute-encoder.xml?, Chad La Joie, 02/02/2010
- Re: [Shib-Dev] attribute-encoder.xml, Kevin P. Foote, 02/02/2010
- Re: [Shib-Dev] attribute-encoder.xml?, Paul Hethmon, 02/02/2010
- Re: [Shib-Dev] attribute-encoder.xml?, Jim Fox, 02/02/2010
- Re: [Shib-Dev] attribute-encoder.xml?, Chad La Joie, 02/02/2010
- Re: [Shib-Dev] attribute-encoder.xml?, Jim Fox, 02/02/2010
- Re: [Shib-Dev] attribute-encoder.xml?, Chad La Joie, 02/02/2010
- Re: [Shib-Dev] attribute-encoder.xml?, Karsten Huneycutt, 02/03/2010
- Re: [Shib-Dev] attribute-encoder.xml?, Chad La Joie, 02/03/2010
- Re: [Shib-Dev] attribute-encoder.xml?, Karsten Huneycutt, 02/03/2010
- Re: [Shib-Dev] attribute-encoder.xml?, Chad La Joie, 02/03/2010
- Re: [Shib-Dev] attribute-encoder.xml?, Christopher Bongaarts, 02/04/2010
- Re: [Shib-Dev] attribute-encoder.xml?, Chad La Joie, 02/04/2010
- RE: [Shib-Dev] attribute-encoder.xml?, Etan Weintraub, 02/02/2010
Archive powered by MHonArc 2.6.16.