...
Code Block |
---|
<resolver:AttributeDefinition xsi:type="Simple" xmlns="urn:mace:shibboleth:2.0:resolver:ad" id="swamiGmaiAssertion" dependencyOnly="true">
<resolver:Dependency ref="myLDAP" />
</resolver:AttributeDefinition>
<resolver:AttributeDefinition xsi:type="Script" xmlns="urn:mace:shibboleth:2.0:resolver:ad" id="NyAwebbenEntitlement" >
<resolver:Dependency ref="swamiGmaiAssertion" />
<resolver:AttributeEncoder xsi:type="SAML1String" xmlns="urn:mace:shibboleth:2.0:attribute:encoder" name="urn:mace:dir:attribute-def:eduPersonEntitlement" />
<resolver:AttributeEncoder xsi:type="SAML2String" xmlns="urn:mace:shibboleth:2.0:attribute:encoder" name="urn:oid:1.3.6.1.4.1.5923.1.1.1.7" friendlyName="eduPersonEntitlement" />
<Script>
<![CDATA[
importPackage(Packages.edu.internet2.middleware.shibboleth.common.attribute.provider);
// Definiera lärosäteskod i NyA
larosatekod = new String("YY");
NyAwebbenEntitlement = new BasicAttribute("NyAwebbenEntitlement");
if (swamiGmaiAssertion) {
for (i=0; i < swamiGmaiAssertion.getValues().size(); i++) {
// Basanvändare ej begränsad till enskild institution
if (swamiGmaiAssertion.getValues().get(i).equals("urn:mace:swami.se:gmai:NyA:base")) {
NyAwebbenEntitlement.getValues().add(String.concat("urn:mace:swami.se:gmai:nya-dw:base:o=",larosatekod));
}
}
}
]]>
</Script>
</resolver:AttributeDefinition>
|
...
Code Block |
---|
<resolver:AttributeDefinition xsi:type="Simple" xmlns="urn:mace:shibboleth:2.0:resolver:ad" id="memberOf" dependencyOnly="true">
<resolver:Dependency ref="myLDAP" />
</resolver:AttributeDefinition>
<resolver:AttributeDefinition xsi:type="Script" xmlns="urn:mace:shibboleth:2.0:resolver:ad" id="NyAwebbenEntitlement" >
<resolver:Dependency ref="memberOf" />
<resolver:AttributeEncoder xsi:type="SAML1String" xmlns="urn:mace:shibboleth:2.0:attribute:encoder" name="urn:mace:dir:attribute-def:eduPersonEntitlement" />
<resolver:AttributeEncoder xsi:type="SAML2String" xmlns="urn:mace:shibboleth:2.0:attribute:encoder" name="urn:oid:1.3.6.1.4.1.5923.1.1.1.7" friendlyName="eduPersonEntitlement" />
<Script>
<![CDATA[
importPackage(Packages.edu.internet2.middleware.shibboleth.common.attribute.provider);
// Definiera lärosäteskod i NyA
larosatekod = new String("YY");
// Definiera grupp för basanvändare
baseGroup = new String("NyA-webben-Base");
// Definiera grupprefix för de olika rollerna
deparmentGroupPrefix = new String("NyA-webben-Department-");
NyAwebbenEntitlement = new BasicAttribute("NyAwebbenEntitlement");
if (memberOf) {
for (i=0; i < memberOf.getValues().size(); i++) {
// Basanvändare ej begränsad till enskild institution
if (memberOf.getValues().get(i).equals(baseGroup) {
NyAwebbenEntitlement.getValues().add(String.concat("urn:mace:swami.se:gmai:nya-dw:base:o=",larosatekod));
}
// Institutionsanvändare begränsat till enskild institution via gruppnamnet
else if (DeparmentGroupPrefix.equals(memberOf.getValues().get(i).substring(0,DeparmentPrefix.length()-1)) {
NyAwebbenEntitlement.getValues().add(String.concat("urn:mace:swami.se:gmai:nya-dw:department:o=",larosatekod,":norEduOrgUnitUniqueNumber=",memberOf.getValues().get(i).substring(DeparmentPrefix.length(),memberOf.getValues().get(i).length())));
}
}
}
]]>
</Script>
</resolver:AttributeDefinition>
|
...