'Re: release the exact ldap attribute value'

[prev in list] [next in list] [prev in thread] [next in thread] 

List:       shibboleth-users
Subject:    Re: release the exact ldap attribute value
From:       Souleye Ndiaye <ndiaye.souleye () gmail ! com>
Date:       2019-11-21 9:19:55
Message-ID: CANrTpnmVyc-Z2yAV1nu+Bf0s0RGmx5YD+PXM9fJ6ZLk6G1H+pA () mail ! gmail ! com
[Download RAW message or body]

[Attachment #2 (multipart/alternative)]


Hi,

Thanks a lot! That was exactly what i was looking for!
Regards

Am Mi., 20. Nov. 2019 um 17:43 Uhr schrieb Peter Schober <
peter.schober@univie.ac.at>:

> * Souleye Ndiaye <ndiaye.souleye@gmail.com> [2019-11-20 14:21]:
> > how can i tell the idP to return the exact LDAP value (e.g. uid) instead
> > the user entry during authentication? I want to achieve that a  uid „case
> > matching" between SP and LDAP is guaranteed.
>
> What Ian said: By looking up its value and releasing what's stored in
> LDAP, i.e., by avoiding the "PrincipalName"-type attribute defintion
> and using LDAP for normalization of the values (assuming you have
> conistent values stored in LDAP, of course).
>
> -peter
> --
> For Consortium Member technical support, see
> https://wiki.shibboleth.net/confluence/x/coFAAg
> To unsubscribe from this list send an email to
> users-unsubscribe@shibboleth.net

[Attachment #5 (text/html)]

<div dir="ltr"><div>Hi,</div><div><br></div><div>Thanks a lot! That was exactly what \
i was looking for!</div><div>Regards<br></div></div><br><div class="gmail_quote"><div \
dir="ltr" class="gmail_attr">Am Mi., 20. Nov. 2019 um 17:43  Uhr schrieb Peter \
Schober &lt;<a href="mailto:peter.schober@univie.ac.at">peter.schober@univie.ac.at</a>&gt;:<br></div><blockquote \
class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left:1px solid \
rgb(204,204,204);padding-left:1ex">* Souleye Ndiaye &lt;<a \
href="mailto:ndiaye.souleye@gmail.com" \
target="_blank">ndiaye.souleye@gmail.com</a>&gt; [2019-11-20 14:21]:<br> &gt; how can \
i tell the idP to return the exact LDAP value (e.g. uid) instead<br> &gt; the user \
entry during authentication? I want to achieve that a   uid „case<br> &gt; \
matching" between SP and LDAP is guaranteed.<br> <br>
What Ian said: By looking up its value and releasing what&#39;s stored in<br>
LDAP, i.e., by avoiding the &quot;PrincipalName&quot;-type attribute defintion<br>
and using LDAP for normalization of the values (assuming you have<br>
conistent values stored in LDAP, of course).<br>
<br>
-peter<br>
-- <br>
For Consortium Member technical support, see <a \
href="https://wiki.shibboleth.net/confluence/x/coFAAg" rel="noreferrer" \
target="_blank">https://wiki.shibboleth.net/confluence/x/coFAAg</a><br> To \
unsubscribe from this list send an email to <a \
href="mailto:users-unsubscribe@shibboleth.net" \
target="_blank">users-unsubscribe@shibboleth.net</a></blockquote></div>



-- 
For Consortium Member technical support, see https://wiki.shibboleth.net/confluence/x/coFAAg
To unsubscribe from this list send an email to users-unsubscribe@shibboleth.net

[prev in list] [next in list] [prev in thread] [next in thread]
Configure | About | News | Add a list | Sponsored by KoreLogic