Farzan Qureshi
2014-08-19 01:11:27 UTC
Hi,
I have following in my attribute-resolver.xml:
<!-- Use AD objectGUID for ImmutableID -->
<resolver:AttributeDefinition id="ImmutableID" xsi:type="Simple"
xmlns="urn:mace:shibboleth:2.0:resolver:ad"
sourceAttributeID="objectGUID">
<resolver:Dependency ref="myLDAP" />
<resolver:AttributeEncoder xsi:type="SAML2StringNameID"
xmlns="urn:mace:shibboleth:2.0:attribute:encoder"
nameFormat="urn:oasis:names:tc:SAML:2.0:nameid-format:persistent" />
</resolver:AttributeDefinition>
<!-- mail for Windows Azure AD User ID
<resolver:AttributeDefinition id="UserId"
xsi:type="ad:Simple"
sourceAttributeID="mail">
<resolver:Dependency ref="myLDAP" />
<resolver:AttributeEncoder xsi:type="enc:SAML2String" name="IDPEmail"
friendlyName="UserId" />
</resolver:AttributeDefinition>
-->
I am integrating Office365. But when I login I see in idp-process.logs that
12:39:37.563 - WARN
[edu.internet2.middleware.shibboleth.idp.profile.AbstractSAMLProfileHandler:491]
- No attribute of principal 'testuser' can be encoded in to a
NameIdentifier of required format 'urn:oasis:names:tc:SAML:2.0:nameid-for$
12:39:37.600 - INFO [Shibboleth-Audit:1028] -
20140819T003937Z|urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST|_c8cf79d6-b53d-4714-aefd-506feffb11cb|urn:federation:MicrosoftOnline|urn:mace:shibboleth:2.0:profiles:saml2:sso|
https://idp.ro$
12:47:21.649 - INFO
[edu.internet2.middleware.shibboleth.common.config.attribute.filtering.ShibbolethAttributeFilteringEngineBeanDefinitionParser:54]
- Parsing configuration for attribute filtering engine
shibboleth.AttributeFilterEngine
An ideas?
--
*Farzan Qureshi* | Network Administrator & Help-desk Support | Rosmini
College | (09) 487 0 530
--
This email and any files transmitted with it are confidential and intended
solely for the use of the individual or entity to whom they are addressed.
If you have received this email in error please notify the system manager (
admin-***@public.gmane.org). Please note that any views or opinions presented
in this email are solely those of the author and do not necessarily
represent those of the company. Finally, the recipient should check this
email and any attachments for the presence of viruses. Rosmini College
accepts no liability for any damage caused by any virus transmitted by this
email.
I have following in my attribute-resolver.xml:
<!-- Use AD objectGUID for ImmutableID -->
<resolver:AttributeDefinition id="ImmutableID" xsi:type="Simple"
xmlns="urn:mace:shibboleth:2.0:resolver:ad"
sourceAttributeID="objectGUID">
<resolver:Dependency ref="myLDAP" />
<resolver:AttributeEncoder xsi:type="SAML2StringNameID"
xmlns="urn:mace:shibboleth:2.0:attribute:encoder"
nameFormat="urn:oasis:names:tc:SAML:2.0:nameid-format:persistent" />
</resolver:AttributeDefinition>
<!-- mail for Windows Azure AD User ID
<resolver:AttributeDefinition id="UserId"
xsi:type="ad:Simple"
sourceAttributeID="mail">
<resolver:Dependency ref="myLDAP" />
<resolver:AttributeEncoder xsi:type="enc:SAML2String" name="IDPEmail"
friendlyName="UserId" />
</resolver:AttributeDefinition>
-->
I am integrating Office365. But when I login I see in idp-process.logs that
12:39:37.563 - WARN
[edu.internet2.middleware.shibboleth.idp.profile.AbstractSAMLProfileHandler:491]
- No attribute of principal 'testuser' can be encoded in to a
NameIdentifier of required format 'urn:oasis:names:tc:SAML:2.0:nameid-for$
12:39:37.600 - INFO [Shibboleth-Audit:1028] -
20140819T003937Z|urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST|_c8cf79d6-b53d-4714-aefd-506feffb11cb|urn:federation:MicrosoftOnline|urn:mace:shibboleth:2.0:profiles:saml2:sso|
https://idp.ro$
12:47:21.649 - INFO
[edu.internet2.middleware.shibboleth.common.config.attribute.filtering.ShibbolethAttributeFilteringEngineBeanDefinitionParser:54]
- Parsing configuration for attribute filtering engine
shibboleth.AttributeFilterEngine
An ideas?
--
*Farzan Qureshi* | Network Administrator & Help-desk Support | Rosmini
College | (09) 487 0 530
--
This email and any files transmitted with it are confidential and intended
solely for the use of the individual or entity to whom they are addressed.
If you have received this email in error please notify the system manager (
admin-***@public.gmane.org). Please note that any views or opinions presented
in this email are solely those of the author and do not necessarily
represent those of the company. Finally, the recipient should check this
email and any attachments for the presence of viruses. Rosmini College
accepts no liability for any damage caused by any virus transmitted by this
email.