 |
 |
Hi, I'm trying to replace deprecated legacy config (using a PrincipalConnector) in a IdP (v. 3.4.6) with subject canonicalization configuration, and I've been going round and round in the Shibboleth WIKI trying to work out how to do this. What I want to to should be fairly simple: * If the user authenticates against LDAP using the UI in the IdP, then the username they enter is used to look up their attributes in LDAP matching against uid in the LDAP record. * If the user authenticates elsewhere, an attribute request is received from the SP and the principal in that attribute request is used to look up their attributes in LDAP matching against uid in the LDAP record. The first bit is the usual authentication workflow, it's the second which is confusing me; I've tried a number of configuration options using the c14n files, without success. I'm clearly not understanding the documentation in the WIKI. If anyone has some sample configuration I could see, I'd be very grateful. Thanks, Simon ----- Dr Simon McLeish Resource Discovery Architect Bodleian Libraries Email: [log in to unmask] | Phone: 01865 283818 ######################################################################## To unsubscribe from the JISC-SHIBBOLETH list, click the following link: https://www.jiscmail.ac.uk/cgi-bin/webadmin?SUBED1=JISC-SHIBBOLETH&A=1