Differences

This shows you the differences between two versions of the page.

docpublic:systemes:shibboleth:azure365 [2021/07/02 14:45]
adminjp [attribute resolver]
docpublic:systemes:shibboleth:azure365 [2021/07/02 14:52] (current)
adminjp [attribute resolver]
Line 87: Line 87:
 </code> </code>
  
 +on a aussi definit le 2eme attribut qui est une simple reprise de attributeNames="mail" depuis LDAP
  
 +il faut evidement recuperer ces attributs (mail et supannRefId) depuis le dataConnector "myldap" 
 +
 +<code>
 +  <DataConnector id="myLDAP" xsi:type="LDAPDirectory"
 +        ldapURL="%{idp.attribute.resolver.LDAP.ldapURL}"
 +        baseDN="%{idp.attribute.resolver.LDAP.baseDN}" 
 +        principal="%{idp.attribute.resolver.LDAP.bindDN}"
 +        principalCredential="%{idp.attribute.resolver.LDAP.bindDNCredential}"
 +        useStartTLS="%{idp.attribute.resolver.LDAP.useStartTLS:true}"
 +        connectTimeout="%{idp.attribute.resolver.LDAP.connectTimeout}"
 +        trustFile="%{idp.attribute.resolver.LDAP.trustCertificates}"
 +        responseTimeout="%{idp.attribute.resolver.LDAP.responseTimeout}"
 +        connectionStrategy="%{idp.attribute.resolver.LDAP.connectionStrategy}"
 +        noResultIsError="true"
 +        multipleResultsIsError="true"
 +        excludeResolutionPhases="c14n/attribute"
 +        exportAttributes="mail displayName cn sn givenName departmentNumber employeeNumber uid eduPersonAffiliation supannRefId ">
 +        <FilterTemplate>
 +            <![CDATA[
 +                %{idp.attribute.resolver.LDAP.searchFilter}
 +            ]]>
 +        </FilterTemplate>
 +</code>
 +
 +
 +==== aacli resolver ====
 +
 +on peux tester la resolution d'attribut vers le SP MSOnline avec le script aacli.sh 
 +
 +<code>
 +[root@idpx shibboleth-idp]# ./bin/aacli.sh --requester=urn:federation:MicrosoftOnline --configDir=conf/ --principal=testuser
 + {
 +    "name": "mail",
 +    "values": [
 +        "user.test@domain.fr"
 +    ]
 +  },
 +  
 +
 +  {
 +    "name": "cn",
 +    "values": [
 +        "TEST User"
 +    ]
 +  },
 +  
 +
 +  {
 +    "name": "ImmutableID",
 +    "values": [
 +        "m20WX2efJUarbMor/iewhQ=="
 +    ]
 +  },
 +
 +</code>
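Review bot: The `<DataConnector id="myLDAP" ...>` snippet stops at `</FilterTemplate>` with no closing `</DataConnector>`, and the sentence introducing it names the connector "myldap" while the id is `myLDAP`; references to a connector are matched on the exact id, so use the same spelling in the text and close the element so the block can be pasted as is. The text says only mail and supannRefId are needed from LDAP, yet `exportAttributes` lists ten attributes (with a stray trailing space before the closing quote), and the aacli output for `urn:federation:MicrosoftOnline` also shows `cn`; either trim the export list to what is actually used or state that attribute-filter.xml limits what this requester receives. The aacli output is shown as fragments with blank gaps and no enclosing brackets, so mark the elisions explicitly, and say whether the `ImmutableID` value is a test value or replace it with a placeholder.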
docpublic/systemes/shibboleth/azure365.1625237119.txt.gz · Last modified: 2021/07/02 14:45 by adminjp
CC Attribution-Noncommercial-Share Alike 4.0 International