schacHomeOrganization

Added by Brook Schofield, last edited by David Gameau on Oct 30, 2009  (view change)
Description Specifies a person's home organization using the domain name of the organization.
Format Domain name according to RFC 1035
Classification Contact/location information
Origin/ObjectClass schacContactLocation
OID 1.3.6.1.4.1.25178.1.2.9
SAML attribute name urn:oid:1.3.6.1.4.1.25178.1.2.9
LDAP syntax directoryString [1.3.6.1.4.1.1466.115.121.1.15]
Number of values Single
Example values schacHomeOrganization = tut.fi
Available
Source Static
Value unisa.edu.au

Implementation Details

Shibboleth 2 Syntax

This attribute syntax is specific to Shibboleth 2 for the [Australian Access Federation "Pilot"].

Shibboleth Identity Provider

Add the following to your attribute-resolver.xml:

    <!-- ==schacHomeOrganizationType== -->
    <resolver:AttributeDefinition id="homeOrganization" xsi:type="Simple" xmlns="urn:mace:shibboleth:2.0:resolver:ad"
        sourceAttributeID="homeOrganization">
        <resolver:Dependency ref="staticAttributes" />

        <resolver:AttributeEncoder xsi:type="SAML1String" xmlns="urn:mace:shibboleth:2.0:attribute:encoder"
                name="urn:oid:1.3.6.1.4.1.25178.1.2.9" />

        <resolver:AttributeEncoder xsi:type="SAML2String" xmlns="urn:mace:shibboleth:2.0:attribute:encoder"
                name="urn:oid:1.3.6.1.4.1.25178.1.2.9" friendlyName="homeOrganization" />
    </resolver:AttributeDefinition>

    <!-- ==schacHomeOrganizationType== -->
    <resolver:AttributeDefinition id="homeOrganizationType" xsi:type="Simple" xmlns="urn:mace:shibboleth:2.0:resolver:ad"
        sourceAttributeID="homeOrganizationType">
        <resolver:Dependency ref="staticAttributes" />

        <resolver:AttributeEncoder xsi:type="SAML1String" xmlns="urn:mace:shibboleth:2.0:attribute:encoder"
                name="urn:oid:1.3.6.1.4.1.25178.1.2.10" />

        <resolver:AttributeEncoder xsi:type="SAML2String" xmlns="urn:mace:shibboleth:2.0:attribute:encoder"
                name="urn:oid:1.3.6.1.4.1.25178.1.2.10" friendlyName="homeOrganizationType" />
    </resolver:AttributeDefinition>

You'll need to add a "staticAttributes" Data Connector with the following:

    <resolver:DataConnector id="staticAttributes" xsi:type="Static" xmlns="urn:mace:shibboleth:2.0:resolver:dc">
        <!-- add homeOrganization to your existing staticAttributes -->
        <Attribute id="homeOrganization">
            <Value>unisa.edu.au</Value>
        </Attribute>

        <!-- add homeOrganizationType to your existing staticAttributes -->
        <Attribute id="homeOrganizationType">
            <Value>urn:mace:terena.org:schac:homeOrganizationType:int:university</Value>
        </Attribute>

    </resolver:DataConnector>

If you already have a data connector of this type - simply add the "homeOrganization" attribute to it.

Shibboleth Service Provider

Add the following to attribute-map.xml to 

  <Attribute name="urn:oid:1.3.6.1.4.1.25178.1.2.9" id="homeOrganization" /> 
  <Attribute name="urn:oid:1.3.6.1.4.1.25178.1.2.10" id="homeOrganizationType" />

Ensure that your attribute-policy.xml either explicitly allows this attribute or all attributes:

    <afp:AttributeRule attributeID="*">
        <afp:PermitValueRule xsi:type="ANY" /> 
    </afp:AttributeRule>

Labels

attr-core attr-core Delete
schema-schac schema-schac Delete
Enter labels to add to this page:
Please wait 
Looking for a label? Just start typing.