I am trying to send a SAML response from my Shibboleth IdP to a service provider.
How can I pass the friendlyName instead of the urn:oid in the SAML response? Right now, my SAML response contains the urn:oid only,
for instance, 'urn:oid:0.9.2342.19200300.100.1.6': '106',
What I need to pass is a key called "productid" along with this response,
'productid': '106',
Given below is my attribute-resolver.xml, where I've passed the friendlyName as productid for roomNumber (urn:oid:0.9.2342.19200300.100.1.6):
<resolver:AttributeDefinition id="productid" xsi:type="ad:Simple" sourceAttributeID="roomNumber">
    <resolver:Dependency ref="myLDAP" />
    <resolver:AttributeEncoder xsi:type="enc:SAML1String" name="urn:mace:dir:attribute-def:roomNumber" encodeType="false" />
    <resolver:AttributeEncoder xsi:type="enc:SAML2String" name="urn:oid:0.9.2342.19200300.100.1.6" friendlyName="productid" encodeType="false" />
</resolver:AttributeDefinition>
Can I please get some insights into this?
According to the doc for SAML2 String, it looks like you should be able to do:
<resolver:AttributeDefinition id="productid" xsi:type="ad:Simple" sourceAttributeID="roomNumber">
    <resolver:Dependency ref="myLDAP" />
    <resolver:AttributeEncoder xsi:type="enc:SAML1String" name="urn:mace:dir:attribute-def:roomNumber" encodeType="false" />
    <resolver:AttributeEncoder xsi:type="enc:SAML2String" name="productid" friendlyName="productid" encodeType="false" />
</resolver:AttributeDefinition>
although you're encouraged to make sure the attribute is unique by its scope.
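
Why changing the encoder's name changes the key the service provider sees, as an added example that is not part of either post: the SAML 2.0 core specification says FriendlyName must not be used to formally identify an attribute, so a consumer keyed on Name reports the OID with the question's encoder and productid with the answer's. The two AttributeStatement samples are constructed, and `make_statement`, `attributes_by_name` and `friendly_labels` are hypothetical helpers standing in for an SP's attribute extraction (no signature validation is performed here).

```python
import xml.etree.ElementTree as ET

NS = {"saml": "urn:oasis:names:tc:SAML:2.0:assertion"}
OID = "urn:oid:0.9.2342.19200300.100.1.6"  # roomNumber, as on the page


def make_statement(name, friendly):
    """Build a constructed AttributeStatement carrying the value 106."""
    return (
        f'<saml:AttributeStatement xmlns:saml="{NS["saml"]}">'
        f'<saml:Attribute Name="{name}" FriendlyName="{friendly}">'
        "<saml:AttributeValue>106</saml:AttributeValue>"
        "</saml:Attribute></saml:AttributeStatement>"
    )


# Constructed samples: what each encoder configuration would put on the wire.
QUESTION_STATEMENT = make_statement(OID, "productid")        # name is the OID
ANSWER_STATEMENT = make_statement("productid", "productid")  # name="productid"


def attributes_by_name(statement_xml):
    """Return {Name: [values]}, the identifier an SP should key on."""
    root = ET.fromstring(statement_xml)
    result = {}
    for attr in root.findall("saml:Attribute", NS):
        values = [v.text or "" for v in attr.findall("saml:AttributeValue", NS)]
        result.setdefault(attr.get("Name"), []).extend(values)
    return result


def friendly_labels(statement_xml):
    """Return {Name: FriendlyName}; a display label only, not an identifier."""
    root = ET.fromstring(statement_xml)
    return {
        attr.get("Name"): attr.get("FriendlyName")
        for attr in root.findall("saml:Attribute", NS)
        if attr.get("FriendlyName")
    }


if __name__ == "__main__":
    for label, doc in (("question", QUESTION_STATEMENT), ("answer", ANSWER_STATEMENT)):
        print(label, attributes_by_name(doc), friendly_labels(doc))
```

If the OID has to stay as the Name for other consumers, the same rename can be done on the SP side by mapping that Name to a local `productid` key, rather than by trusting FriendlyName.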