AW: Features - SAML dynamic/custom attributes

cornelinux · February 18, 2016, 3:54pm

Hello Salvo,
This is a good idea and I think 90% of the task is already done.If you take a look at the getUserInfo of the ldap resolver you will see, that you can map any field you like to.
This way you can “invent” new fields in privacyidea and map these to ldap attributes.
Maybe in samlcheck we should return all available keys of the user.info dictionary.
Kind regards Cornelius

Cornelius KölbelCornelius.koelbel@netknights.it+49 151 2960 1417
NetKnights GmbHhttp://netknights.itLandgraf-Karl-Str. 19, 34131 Kassel, GermanyTel: +49 561 3166797, Fax: +49 561 3166798
Amtsgericht Kassel, HRB 16405Geschäftsführer: Cornelius Kölbel-------- Ursprüngliche Nachricht --------
Von: Salvo Rapisarda sdrapisarda@gmail.com
Datum: 18.02.2016 11:45 (GMT+01:00)
An: privacyidea privacyidea@googlegroups.com
Betreff: [privacyidea] Features - SAML dynamic/custom attributes

Hi,
We are using privacyIDEA with SimpleSAMLphp for create a federated authentication platform.
We noticed that the function samlcheck() in /api/validate.py returns a fixed set of attributes.It would be useful for us to customize this set and return other attributes from user resolver (for example, roomNumber or departmentNumber).

What do you think about ?
Salvo.

–

Please read the blog post about getting help

https://www.privacyidea.org/getting-help/.

For professional services and consultancy regarding two factor authentication please visit

https://netknights.it/en/leistungen/one-time-services/

In an enterprise environment you should get a SERVICE LEVEL AGREEMENT which suites your needs for SECURITY, AVAILABILITY and LIABILITY:

https://netknights.it/en/leistungen/service-level-agreements/

You received this message because you are subscribed to the Google Groups “privacyidea” group.

To unsubscribe from this group and stop receiving emails from it, send an email to privacyidea+unsubscribe@googlegroups.com.

To post to this group, send email to privacyidea@googlegroups.com.

Visit this group at https://groups.google.com/group/privacyidea.

To view this discussion on the web visit https://groups.google.com/d/msgid/privacyidea/4defb9b9-9694-433a-81fc-7ad39ec8d1c6%40googlegroups.com.

For more options, visit https://groups.google.com/d/optout.