Page tree
Skip to end of metadata
Go to start of metadata

Overview

Attribute encoders convert the internal representation of an IdPAttribute into a particular protocol format. The supported encoders currently support SAML 1 and SAML 2 representations. The mechanism is not inherently limited to XML-based output formats.

Schema Name and Location

Attribute encoders are specified with the xsi:type attribute in a <AttributeEncoder>, the types defined are in the urn:mace:shibboleth:2.0:resolver schema, which is located at http://shibboleth.net/schema/idp/shibboleth-attribute-resolver.xsd.

Common Attributes

The following attributes are common to all encoders:

NameTypeDefaultDescription

encodeType

booleantrueControls whether the output form will contain an encoder-specific indication of the data type of the values. In XML, this takes the form of xsi:type attributes, which greatly bloat the size and generally should be avoided for string-valued data. For compatibility with V2, the default is to continue to output the information, but we suggest disabling it in newer deployments and after testing against existing services.

activationConditionRef

Bean Reference

Bean ID of a condition bean that determines whether the encoder should be active, described further here.
Mutually exclusive with relyingParties

relyingParties 3.4

space-delimited list

List of entity IDs for which this Attribute Encoder should be active.
Mutually exclusive with activationConditionRef

Common Child Elements

Attribute resolvers contain no common child elements.

AttributeEncoder Plugin Types

xsi:typeFunction

SAML2String

Encodes an IdPAttribute with simple string values as a SAML 2 Attibute.

SAML2ScopedString

Encodes an IdPAttribute with scoped values as a SAML 2 Attibute.

SAML2XMLObject

Encodes an IdPAttribute with complex XML-based values as a SAML 2 Attribute.

SAML2Base64

Encodes an IdPAttribute with binary values as a SAML 2 Attribute.

SAML1String

Encodes an IdPAttribute with simple string values as a SAML 1 Attibute.

SAML1ScopedString

Encodes an IdPAttribute with scoped values as a SAML 1 Attibute.

SAML1XMLObject

Encodes an IdPAttribute with complex XML-based values as a SAML 1 Attribute.

SAML1Base64

Encodes an IdPAttribute with binary values as a SAML 1 Attribute.

SAML2StringNameID

DEPRECATED. See the Shibboleth2 Documentation for details.

SAML1StringNameIdentifier

DEPRECATED. See the Shibboleth2 Documentation for details.
  • No labels