configs/attribute-map.xml.in

   1 <Attributes xmlns="urn:mace:shibboleth:2.0:attribute-map"
   2     xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
   3     xsi:schemaLocation="urn:mace:shibboleth:2.0:attribute-map @-PKGXMLDIR-@/shibboleth-2.0-attribute-map.xsd">
   4
   5         <!-- First some useful eduPerson attributes that many sites might use. -->
   6
   7         <Attribute name="urn:mace:dir:attribute-def:eduPersonPrincipalName" id="REMOTE_USER">
   8                 <AttributeDecoder xsi:type="ScopedAttributeDecoder"/>
   9         </Attribute>
  10
  11         <Attribute name="urn:mace:dir:attribute-def:eduPersonScopedAffiliation" id="affiliation">
  12                 <AttributeDecoder xsi:type="ScopedAttributeDecoder" caseSensitive="false"/>
  13         </Attribute>
  14
  15         <Attribute name="urn:mace:dir:attribute-def:eduPersonAffiliation" id="unscoped-affiliation">
  16                 <AttributeDecoder xsi:type="ScopedAttributeDecoder" caseSensitive="false"/>
  17         </Attribute>
  18
  19         <Attribute name="urn:mace:dir:attribute-def:eduPersonEntitlement" id="entitlement"/>
  20
  21         <!-- A persistent id attribute that supports personalized anonymous access. -->
  22
  23         <!-- First, the deprecated version: -->
  24         <Attribute name="urn:mace:dir:attribute-def:eduPersonTargetedID" id="REMOTE_USER">
  25                 <AttributeDecoder xsi:type="ScopedAttributeDecoder"/>
  26         </Attribute>
  27
  28         <!-- Second, the new version (note the OID-style name): -->
  29         <Attribute name="urn:oid:1.3.6.1.4.1.5923.1.1.1.10" id="REMOTE_USER">
  30                 <AttributeDecoder xsi:type="NameIDAttributeDecoder" formatter="$Name!!$NameQualifier!!$SPNameQualifier"/>
  31         </Attribute>
  32
  33         <!-- Third, the SAML 2.0 NameID Format: -->
  34         <Attribute name="urn:oasis:names:tc:SAML:2.0:nameid-format:persistent" id="REMOTE_USER">
  35                 <AttributeDecoder xsi:type="NameIDAttributeDecoder" formatter="$Name!!$NameQualifier!!$SPNameQualifier"/>
  36         </Attribute>
  37
  38         <!-- Some more eduPerson attributes, uncomment these to use them... -->
  39         <!--
  40         <Attribute name="urn:mace:dir:attribute-def:eduPersonPrimaryAffiliation" id="primary-affiliation">
  41                 <AttributeDecoder xsi:type="StringAttributeDecoder" caseSensitive="false"/>
  42         </Attribute>
  43         <Attribute name="urn:mace:dir:attribute-def:eduPersonNickname" id="nickname"/>
  44         <Attribute name="urn:mace:dir:attribute-def:eduPersonPrimaryOrgUnitDN" id="primary-orgunit-dn"/>
  45         <Attribute name="urn:mace:dir:attribute-def:eduPersonOrgUnitDN" id="orgunit-dn"/>
  46         <Attribute name="urn:mace:dir:attribute-def:eduPersonOrgDN" id="org-dn"/>
  47         -->
  48
  49         <!--Examples of LDAP-based attributes, uncomment to use these... -->
  50         <!--
  51         <Attribute name="urn:mace:dir:attribute-def:cn" id="cn"/>
  52         <Attribute name="urn:mace:dir:attribute-def:sn" id="sn"/>
  53         <Attribute name="urn:mace:dir:attribute-def:givenName" id="givenName"/>
  54         <Attribute name="urn:mace:dir:attribute-def:mail" id="mail"/>
  55         <Attribute name="urn:mace:dir:attribute-def:telephoneNumber" id="telephoneNumber"/>
  56         <Attribute name="urn:mace:dir:attribute-def:title" id="title"/>
  57         <Attribute name="urn:mace:dir:attribute-def:initials" id="initials"/>
  58         <Attribute name="urn:mace:dir:attribute-def:description" id="description"/>
  59         <Attribute name="urn:mace:dir:attribute-def:carLicense" id="carLicense"/>
  60         <Attribute name="urn:mace:dir:attribute-def:departmentNumber" id="departmentNumber"/>
  61         <Attribute name="urn:mace:dir:attribute-def:displayName" id="displayName"/>
  62         <Attribute name="urn:mace:dir:attribute-def:employeeNumber" id="employeeNumber"/>
  63         <Attribute name="urn:mace:dir:attribute-def:employeeType" id="employeeType"/>
  64         <Attribute name="urn:mace:dir:attribute-def:preferredLanguage" id="preferredLanguage"/>
  65         <Attribute name="urn:mace:dir:attribute-def:manager" id="manager"/>
  66         <Attribute name="urn:mace:dir:attribute-def:seeAlso" id="seeAlso"/>
  67         <Attribute name="urn:mace:dir:attribute-def:facsimileTelephoneNumber" id="facsimileTelephoneNumber"/>
  68         <Attribute name="urn:mace:dir:attribute-def:street" id="street"/>
  69         <Attribute name="urn:mace:dir:attribute-def:postOfficeBox" id="postOfficeBox"/>
  70         <Attribute name="urn:mace:dir:attribute-def:postalCode" id="postalCode"/>
  71         <Attribute name="urn:mace:dir:attribute-def:st" id="st"/>
  72         <Attribute name="urn:mace:dir:attribute-def:l" id="l"/>
  73         <Attribute name="urn:mace:dir:attribute-def:ou" id="ou"/>
  74         <Attribute name="urn:mace:dir:attribute-def:businessCategory" id="businessCategory"/>
  75         <Attribute name="urn:mace:dir:attribute-def:physicalDeliveryOfficeName" id="physicalDeliveryOfficeName"/>
  76         -->
  77
  78 </Attributes>