Error!

Spaces has been migrated to the cloud. Please go to https://ucla-confluence.atlassian.net to update your space/s.

IT Services has migrated the content of spaces.ais.ucla.edu to Atlassian Confluence Cloud. Please visit https://ucla-confluence.atlassian.net to update your space/s. Spaces.ais.ucla.edu is now in read-only mode through July 31st, 2024
UCTrust Workgroup
Child pages
  • ConfiguringScopedAttributes

Versions Compared

Old Version 3

changes.mady.by.user user-2d79d

Saved on

compared with

New Version 4

changes.mady.by.user user-2d79d

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

Note
titleWork in Progress

I am still working to determine the best way to handle IDP 1.3 configuration. Since OID-based attribute naming is a SAML 2 specification, it is difficult for 1.3 IDPs to just support OID-based attribute names. The example below is a guess. I am currently testing/researching whether it works. Stay tuned. With the example below, both attributes have to be released to an application in order for OID-based attribute to work. If MACE-defined attribute is not released as well the OID-based attribute will not be inline scoped and thus rejected by the SP's attribute-polcy.

Edit resolver.xml to include the following configuration:

...