diff --git a/config-templates/config.php b/config-templates/config.php
index fcb1ffaaf91f09337f0c0f3b6aea4ea4897c2d46..6cf0865e17622a41b1c615024cc19c4c8aa2948d 100644
--- a/config-templates/config.php
+++ b/config-templates/config.php
@@ -767,9 +767,6 @@ $config = array(
// Adopts language from attribute to use in UI
30 => 'core:LanguageAdaptor',
- /* Add a realm attribute from edupersonprincipalname
- 40 => 'core:AttributeRealm',
- */
45 => array(
'class' => 'core:StatisticsWithAttribute',
'attributename' => 'realm',
diff --git a/docs/simplesamlphp-authproc.md b/docs/simplesamlphp-authproc.md
index 784ae9e08c1e6c1d52001c660db1e3882a397d52..863a880714ea8800d6b77a0ee127af0d8a054aca 100644
--- a/docs/simplesamlphp-authproc.md
+++ b/docs/simplesamlphp-authproc.md
@@ -50,7 +50,6 @@ The configuration of *Auth Proc Filters* is a list of filters with priority as *
'addurnprefix'
),
20 => 'core:TargetedID',
- 40 => 'core:AttributeRealm',
50 => 'core:AttributeLimit',
90 => array(
'class' => 'consent:Consent',
@@ -112,7 +111,7 @@ Filters can be added both in `hosted` and `remote` metadata. Here is an example
'certificate' => 'example.org.crt',
'auth' => 'feide',
'authproc' => array(
- 40 => 'core:AttributeRealm',
+ 40 => 'preprodwarning:Warning',
),
)
@@ -132,7 +131,7 @@ The following filters are included in the SimpleSAMLphp distribution:
- [`core:AttributeAlter`](./core:authproc_attributealter): Do search-and-replace on attributevalues.
- [`core:AttributeLimit`](./core:authproc_attributelimit): Limit the attributes in the response.
- [`core:AttributeMap`](./core:authproc_attributemap): Change the name of the attributes.
-- [`core:AttributeRealm`](./core:authproc_attributerealm): Create an attribute with the realm of the user.
+- [`core:AttributeRealm`](./core:authproc_attributerealm): (deprecated) Create an attribute with the realm of the user.
- [`core:GenerateGroups`](./core:authproc_generategroups): Generate a `group` attribute for the user.
- [`core:LanguageAdaptor`](./core:authproc_languageadaptor): Transfering language setting from IdP to SP.
- [`core:PHP`](./core:authproc_php): Modify attributes with custom PHP code.
diff --git a/modules/core/docs/authproc_attributerealm.md b/modules/core/docs/authproc_attributerealm.md
index 77b0bb31c2ac9aafb98e0ef0cc2a5940456b3219..cf511772adbdb57e1660942722546ddb6a5bb939 100644
--- a/modules/core/docs/authproc_attributerealm.md
+++ b/modules/core/docs/authproc_attributerealm.md
@@ -1,6 +1,9 @@
`core:AttributeRealm`
=====================
+*NOTE:* This filter has been deprecated and will be removed in a future release. Please use
+`core:ScopeFromAttribute` instead.
+
This filter creates a new attribute with the realm of the user.
The new attribute is names `realm` by default, but can be controlled by the `attributename` option.
diff --git a/modules/core/lib/Auth/Process/AttributeRealm.php b/modules/core/lib/Auth/Process/AttributeRealm.php
index a4755a05c5982a49242016d67795369315736ed0..9e50d78a44f7696c889f64c4165564928c3c970a 100644
--- a/modules/core/lib/Auth/Process/AttributeRealm.php
+++ b/modules/core/lib/Auth/Process/AttributeRealm.php
@@ -6,49 +6,48 @@
*
* @author Andreas Ă…kre Solberg, UNINETT AS.
* @package SimpleSAMLphp
+ * @deprecated Use ScopeFromAttribute instead.
*/
class sspmod_core_Auth_Process_AttributeRealm extends SimpleSAML_Auth_ProcessingFilter {
- private $attributename = 'realm';
-
- /**
- * Initialize this filter.
- *
- * @param array $config Configuration information about this filter.
- * @param mixed $reserved For future use.
- */
- public function __construct($config, $reserved) {
- parent::__construct($config, $reserved);
- assert('is_array($config)');
-
- if (array_key_exists('attributename', $config))
- $this->attributename = $config['attributename'];
-
- }
-
-
- /**
- * Apply filter to add or replace attributes.
- *
- * Add or replace existing attributes with the configured values.
- *
- * @param array &$request The current request
- */
- public function process(&$request) {
- assert('is_array($request)');
- assert('array_key_exists("Attributes", $request)');
-
- $attributes =& $request['Attributes'];
-
- if (!array_key_exists('UserID', $request)) {
- throw new Exception('core:AttributeRealm: Missing UserID for this user. Please' .
- ' check the \'userid.attribute\' option in the metadata against the' .
- ' attributes provided by the authentication source.');
- }
- $userID = $request['UserID'];
- $decomposed = explode('@', $userID);
- if (count($decomposed) !== 2) return;
- $request['Attributes'][$this->attributename] = array($decomposed[1]);
- }
-
+ private $attributename = 'realm';
+
+ /**
+ * Initialize this filter.
+ *
+ * @param array $config Configuration information about this filter.
+ * @param mixed $reserved For future use.
+ */
+ public function __construct($config, $reserved) {
+ parent::__construct($config, $reserved);
+ assert('is_array($config)');
+
+ if (array_key_exists('attributename', $config))
+ $this->attributename = $config['attributename'];
+
+ }
+
+ /**
+ * Apply filter to add or replace attributes.
+ *
+ * Add or replace existing attributes with the configured values.
+ *
+ * @param array &$request The current request
+ */
+ public function process(&$request) {
+ assert('is_array($request)');
+ assert('array_key_exists("Attributes", $request)');
+
+ $attributes =& $request['Attributes'];
+
+ if (!array_key_exists('UserID', $request)) {
+ throw new Exception('core:AttributeRealm: Missing UserID for this user. Please' .
+ ' check the \'userid.attribute\' option in the metadata against the' .
+ ' attributes provided by the authentication source.');
+ }
+ $userID = $request['UserID'];
+ $decomposed = explode('@', $userID);
+ if (count($decomposed) !== 2) return;
+ $request['Attributes'][$this->attributename] = array($decomposed[1]);
+ }
}