...
※ 個人情報保護の観点から,属性利用組織間で調整の上,attribute-filter.xml により属性を必要とする組織のみに限定公開してください.
...
属性定義の例(LDAPを参照する例) (attribute-resolver.xml)
| パネル |
|---|
<!-- Definition of gakuninScopedPersonalUniqueCode (LDAP) -->
<resolver:AttributeDefinition id="gakuninScopedPersonalUniqueCode" xsi:type="SimplePrescoped" xmlns="urn:mace:shibboleth:2.0:resolver:ad"
sourceAttributeID="gakuninScopedPersonalUniqueCode">
<resolver:Dependency ref="myLDAP" />
<resolver:AttributeEncoder xsi:type="SAML2ScopedString" xmlns="urn:mace:shibboleth:2.0:attribute:encoder"
name="urn:oid:1.3.6.1.4.1.32264.1.1.6" friendlyName="gakuninScopedPersonalUniqueCode" />
</resolver:AttributeDefinition>
|
属性定義の例(Template Attribute Definitionを挟んだ例) (attribute-resolver.xml)
| パネル |
|---|
<!-- Definition of gakuninScopedPersonalUniqueCode (Template Attribute) -->
<!--
<resolver:AttributeDefinition id="gakuninScopedPersonalUniqueCode" xsi:type="Scoped" xmlns="urn:mace:shibboleth:2.0:resolver:ad"
sourceAttributeID="templatePersonalUniqueCode" scope="***.ac.jp">
<resolver:Dependency ref="templatePersonalUniqueCode" />
<resolver:AttributeEncoder xsi:type="SAML2StringSAML2ScopedString" xmlns="urn:mace:shibboleth:2.0:attribute:encoder"
name="urn:oid:1.3.6.1.4.1.32264.1.1.6" friendlyName="gakuninScopedPersonalUniqueCode" />
</resolver:AttributeDefinition>
<resolver:AttributeDefinition id="templatePersonalUniqueCode" xsi:type="Template" xmlns="urn:mace:shibboleth:2.0:resolver:ad">
<resolver:Dependency ref="myLDAP" />
<Template>
<![CDATA[
facultyorstaff:${employeeNumber}
]]>
</Template>
<SourceAttribute>employeeNumber</SourceAttribute>
</resolver:AttributeDefinition>
|