interesting to compare implementations. I haven't looked at that IdP. I
just use declarative mapping. This will turn a DN into EPSA:
<map name="eduPersonScopedAffiliation"
attrName="dn" attrValue=".*tudent.*"
mappedName="urn:mace:dir:attribute-def:eduPersonScopedAffiliation"
mappedValue="student"
mappedRule="append_domain" />
Alistair
--
mov eax,1
mov ebx,0
int 80h
>>
>> Question: How do I implement this? Do I have to use
>> ScriptletAttributeDefinition - the example code on
>> https://spaces.internet2.edu/display/SHIB/ScriptletAttributeDefinition
>> does
>> something similar - or is there a more straightforward way?
>>
>
> ScriptletAttributeAefinition is your friend! I spent several days
> "hacking it to bits" a few weeks back and decided that its really is the
> bees knees for doing stuff, so to use your account-category you would do
> something like
>
> <!criptletAttributeDefinition
> id="urn:mace:dir:attribute-def:eduPersonAffiliation">
> <DataConnectorDependency requires="directory"/>
> <!criptlet><![CDATA[
> Attributes attributes =
> dependencies.getConnectorResolution("directory");
> Attribute category = attributes.get("account-category");
> String categorystr=category.toString();
> if (categorystr.indexOf("undergraduate")>0)
> {
> resolverAttribute.addValue("student");
> resolverAttribute.addValue("member");
> }
> //etc etc
> ]]></Scriptlet>
> </ScriptletAttributeDefinition>
>
> Cobbled together from our own resolver, off the top of my head, (i.e. I
> may have made the odd mistake :-) But it really isn't all that bad and
> gives you a huge amount of power to infer all kinds of useful things from
> stuff you have in the directory already.
>
> Cheers
> Andy
>
>
>
> --
>
> *********
> Andy Swiffin
> Senior Network Specialist, Corporate Information systems
> Information & Communications Services (ICS)
>
> University of Dundee, Computing Centre, Park Place, Dundee, DD1 4HN
> Direct: 01382 388000 (Service Desk)
> Visit our website at: www.dundee.ac.uk/ics
> *********
>
