...
※ 個人情報保護の観点から,属性利用組織間で調整の上,attribute-filter.xml により属性を必要とする組織のみに限定公開してください.
...
属性定義の例(LDAPを参照する例) (attribute-resolver.xml)
パネル |
---|
<!-- Definition of gakuninScopedPersonalUniqueCode (LDAP) -->
<resolver:AttributeDefinition id="gakuninScopedPersonalUniqueCode" xsi:type="SimplePrescoped" xmlns="urn:mace:shibboleth:2.0:resolver:ad"
sourceAttributeID="gakuninScopedPersonalUniqueCode">
<resolver:Dependency ref="myLDAP" />
<resolver:AttributeEncoder xsi:type="SAML2ScopedString" xmlns="urn:mace:shibboleth:2.0:attribute:encoder"
name="urn:oid:1.3.6.1.4.1.32264.1.1.6" friendlyName="gakuninScopedPersonalUniqueCode" />
</resolver:AttributeDefinition>
|
属性定義の例(Template Attribute Definitionを挟んだ例) (attribute-resolver.xml)
パネル |
---|
<!-- Definition of gakuninScopedPersonalUniqueCode (Template Attribute) --> <!-- <resolver:AttributeDefinition id="gakuninScopedPersonalUniqueCode" xsi:type="Scoped" xmlns="urn:mace:shibboleth:2.0:resolver:ad" sourceAttributeID="templatePersonalUniqueCode" scope="***.ac.jp"> <resolver:Dependency ref="templatePersonalUniqueCode" />
<resolver:AttributeEncoder xsi:type="SAML2StringSAML2ScopedString" xmlns="urn:mace:shibboleth:2.0:attribute:encoder" name="urn:oid:1.3.6.1.4.1.32264.1.1.6" friendlyName="gakuninScopedPersonalUniqueCode" /> </resolver:AttributeDefinition>
<resolver:AttributeDefinition id="templatePersonalUniqueCode" xsi:type="Template" xmlns="urn:mace:shibboleth:2.0:resolver:ad"> <resolver:Dependency ref="myLDAP" />
<Template> <![CDATA[ facultyorstaff:${employeeNumber} ]]> </Template>
<SourceAttribute>employeeNumber</SourceAttribute> </resolver:AttributeDefinition>
|