    Add initial support for SAML Subject Id Attributes · 1187bac6
    peter authored
    The OASIS spec [SAML V2.0 Subject Identifier Attributes Profile](https://wiki.oasis-open.org/security/SAMLSubjectIDAttr) defines two new standard attributes intended to replace the use of persistent NameIDs and of the eduPersonTargetedID and eduPersonUniqueId SAML attributes. The updated Kantara [SAML V2.0 Interoperability Deployment Profile](https://kantarainitiative.github.io/SAMLprofiles/saml2int.html) will also standardize on these new attributes (cf. SDP-SP15 ibid.).
    
    This commit adds the two new attributes:
    
    * to the URN attribute maps
    * to attribute definitions and translations of the locale system
    * to the smartattributes:SmartID auth proc filter (after any other SAML attributes, but before the non-SAML ones).
    
    Support for saml2int SDP-SP16 (attribute requirements signalling via Entity Attributes) is not included here.
    1187bac6
attributes.definition.json 3.35 KiB
{
	"attribute_edupersonaffiliation": {
		"en": "Affiliation"
	},
	"attribute_title": {
		"en": "Title"
	},
	"attribute_uid": {
		"en": "User ID"
	},
	"attribute_sn": {
		"en": "Surname"
	},
	"attribute_givenname": {
		"en": "Given name"
	},
	"attribute_cn": {
		"en": "Common name"
	},
	"attribute_mail": {
		"en": "Mail"
	},
	"attribute_ismemberof": {
		"en": "Group membership"
	},
	"attribute_mobile": {
		"en": "Mobile"
	},
	"attribute_preferredlanguage": {
		"en": "Preferred language"
	},
	"attribute_noredupersonnin": {
		"en": "Identity number assigned by public authorities"
	},
	"attribute_schachomeorganization": {
		"en": "Home organization domain name"
	},
	"attribute_organisationname": {
		"en": "Organization name"
	},
	"attribute_edupersonentitlement": {
		"en": "Entitlement regarding the service"
	},
	"attribute_edupersonscopedaffiliation": {
		"en": "Affiliation at home organization"
	},
	"attribute_edupersontargetedid": {
		"en": "Persistent pseudonymous ID"
	},
	"attribute_pairwise_id": {
		"en": "Service-specific pseudonymous ID at home organization"
	},
	"attribute_edupersonprincipalname": {
		"en": "Person's principal name at home organization"
	},
	"attribute_edupersonuniqueid": {
		"en": "Person's non-reassignable, persistent pseudonymous ID at home organization"
	},
	"attribute_subject_id": {
		"en": "Pseudonymous ID at home organization"
	},
	"attribute_edupersonorcid": {
		"en": "ORCID researcher identifiers"
	},
	"attribute_o": {
		"en": "Organization name"
	},
	"attribute_dc": {
		"en": "Domain component (DC)"
	},
	"attribute_displayname": {
		"en": "Display name"
	},
	"attribute_facsimiletelephonenumber": {
		"en": "Fax number"
	},
	"attribute_homephone": {
		"en": "Home telephone"
	},
	"attribute_homepostaladdress": {
		"en": "Home postal address"
	},
	"attribute_jpegphoto": {
		"en": "JPEG Photo"
	},
	"attribute_l": {
		"en": "Locality"
	},
	"attribute_labeleduri": {
		"en": "Labeled URI"
	},
	"attribute_manager": {
		"en": "Manager"
	},
	"attribute_ou": {
		"en": "Organizational unit"
	},
	"attribute_postaladdress": {
		"en": "Postal address"
	},
	"attribute_postalcode": {
		"en": "Postal code"
	},
	"attribute_postofficebox": {
		"en": "Post office box"
	},
	"attribute_street": {
		"en": "Street"
	},
	"attribute_telephonenumber": {
		"en": "Telephone number"
	},
	"attribute_eduorghomepageuri": {
		"en": "Organizational homepage"
	},
	"attribute_eduorglegalname": {
		"en": "Organization's legal name"
	},
	"attribute_edupersonassurance": {
		"en": "Identity assurance profile"
	},
	"attribute_edupersonnickname": {
		"en": "Nickname"
	},
	"attribute_edupersonorgdn": {
		"en": "Distinguished name (DN) of person's home organization"
	},
	"attribute_edupersonorgunitdn": {
		"en": "Distinguished name (DN) of the person's home organizational unit"
	},
	"attribute_edupersonprimaryaffiliation": {
		"en": "Primary affiliation"
	},
	"attribute_noreduorgnin": {
		"en": "Organizational number"
	},
	"attribute_noredupersonbirthdate": {
		"en": "Date of birth"
	},
	"attribute_noredupersonlegalname": {
		"en": "Legal name"
	},
	"attribute_noredupersonlin": {
		"en": "Local identity number"
	},
	"attribute_edupersonprimaryorgunitdn": {
		"en": "Distinguished name (DN) of person's primary Organizational Unit"
	},
	"attribute_userpassword": {
		"en": "User's password hash"
	},
	"attribute_schacuserprivateattribute": {
		"en": "Private information elements"
	}
}