Skip to content

HTTPS clone URL

Subversion checkout URL

You can clone with
or
.
Download ZIP
Branch: master
Fetching contributors…

Cannot retrieve contributors at this time

168 lines (130 sloc) 6.657 kB
MongoDB data and persistent ID connector for use with the Shibboleth 2.x IdP.
DOCUMENTATION
-------------
https://wiki.shibboleth.net/confluence/display/SHIB2/MongoDB+connector
INSTALLATION
------------
1. Add the project jar and all its dependencies to the Shibboleth IdP source
lib directory.
2. Re-install the IdP using the install script to build and deploy a new idp.war
CONFIGURATION
-------------
Enable the mongodb connector in $IDP_CONFIG_DIR/conf/attribute-resolver.xml
1. Add namespace and the xsd schema to the root element:
xmlns:uid="http://dev.unitedid.org/NS/mongodb-connector"
http://dev.unitedid.org/NS/mongodb-connector classpath:/schema/mongodb-connector.xsd
2. Adding the mongodb data connector
---------------------------------------------------------------------------------------
EXAMPLE 1 (one mongodb server):
---------------------------------------------------------------------------------------
<resolver:DataConnector id="myMongo" xsi:type="uid:MongoDbDataConnector"
mongoDbName="idp"
mongoCollection="users">
<uid:MongoHost host="server1.example.com" port="27017" />
<uid:QueryTemplate>
<![CDATA[
{ 'userName' : '$requestContext.principalName' }
]]>
</uid:QueryTemplate>
</resolver:DataConnector>
---------------------------------------------------------------------------------------
EXAMPLE 2 (multiple mongodb servers):
---------------------------------------------------------------------------------------
<resolver:DataConnector id="myMongo" xsi:type="uid:MongoDbDataConnector"
mongoDbName="idp"
mongoCollection="users">
<uid:MongoHost host="server1.example.com" port="27017" />
<uid:MongoHost host="server2.example.com" port="27017" />
<uid:MongoHost host="server3.example.com" port="27017" />
<uid:QueryTemplate>
<![CDATA[
{ 'userName' : '$requestContext.principalName' }
]]>
</uid:QueryTemplate>
</resolver:DataConnector>
---------------------------------------------------------------------------------------
EXAMPLE 3 (map document fields to an attributeId):
---------------------------------------------------------------------------------------
<resolver:DataConnector id="myMongo" xsi:type="uid:MongoDbDataConnector"
mongoDbName="idp"
mongoCollection="users">
<uid:MongoHost host="server1.example.com" port="27017" />
<uid:QueryTemplate>
<![CDATA[
{ 'userName' : '$requestContext.principalName' }
]]>
</uid:QueryTemplate>
<uid:AttributeMap mongoKey="userName" attributeID="uid" />
<uid:AttributeMap mongoKey="email" attributeID="mail" />
</resolver:DataConnector>
---------------------------------------------------------------------------------------
EXAMPLE 4 (map embedded HashMap fields to an attributeId):
---------------------------------------------------------------------------------------
<resolver:DataConnector id="myMongo" xsi:type="uid:MongoDbDataConnector"
mongoDbName="idp"
mongoCollection="users">
<uid:MongoHost host="server1.example.com" port="27017" />
<uid:QueryTemplate>
<![CDATA[
{ 'userName' : '$requestContext.principalName' }
]]>
</uid:QueryTemplate>
<uid:AttributeMap mongoKey="userName" attributeID="uid" />
<uid:AttributeMap mongoKey="email" attributeID="mail" />
<uid:AttributeMap mongoKey="address">
<uid:ValueMap mongoKey="zip" attributeID="postalCode" />
<uid:ValueMap mongoKey="address1" attributeID="postalAddress" />
</uid:AttributeMap>
</resolver:DataConnector>
<!-- JSON structure for the this example
{ "_id" : ObjectId("4e5bd2d8a7e6b7a04a15ed28"),
"address" : { "address1" : "Example road 10",
"address2" : "",
"city" : "Somewhere",
"country" : "swe",
"zip" : "11111" },
"mail" : "johndoe@example.com",
"username" : "johndoe"
}
-->
3. (Optional) Adding mongodb persistent ID connector
---------------------------------------------------------------------------------------
EXAMPLE 1 (Attribute definition, Mongodb data connector, Mongodb persistent ID connector):
---------------------------------------------------------------------------------------
<!-- Attribute definition -->
<resolver:AttributeDefinition xsi:type="ad:SAML2NameID" id="eduPersonTargetedID"
nameIdFormat="urn:oasis:names:tc:SAML:2.0:nameid-format:persistent" sourceAttributeID="persistentID">
<resolver:Dependency ref="myMongo2" />
<resolver:AttributeEncoder xsi:type="enc:SAML1XMLObject" name="urn:oid:1.3.6.1.4.1.5923.1.1.1.10" />
<resolver:AttributeEncoder xsi:type="enc:SAML2XMLObject" name="urn:oid:1.3.6.1.4.1.5923.1.1.1.10" friendlyName="eduPersonTargetedID" />
</resolver:AttributeDefinition>
<!-- Mongodb data connector -->
<resolver:DataConnector id="myMongo" xsi:type="uid:MongoDbDataConnector"
mongoDbName="idp"
mongoCollection="users">
<uid:MongoHost host="server1.example.com" port="27017" />
<uid:MongoHost host="server2.example.com" port="27017" />
<uid:MongoHost host="server3.example.com" port="27017" />
<uid:QueryTemplate>
<![CDATA[
{ 'userName' : '$requestContext.principalName' }
]]>
</uid:QueryTemplate>
<uid:AttributeMap mongoKey="userName" attributeID="uid" />
</resolver:DataConnector>
<!-- Mongodb persistent ID connector -->
<resolver:DataConnector id="myMongo2" xsi:type="uid:MongoDbDataConnector"
mongoDbName="idp"
mongoCollection="shibpid">
<!-- Resolver dependency needed to resolve uid in sourceAttributeId -->
<resolver:Dependency ref="myMongo" />
<uid:MongoHost host="server1.example.com" port="27017" />
<uid:MongoHost host="server2.example.com" port="27017" />
<uid:MongoHost host="server3.example.com" port="27017" />
<uid:PersistentId generatedAttributeId="persistentID"
sourceAttributeId="uid"
salt="1q2w3e4r5t56y678dcfvgbhynujtywrtqrecadaqqwe243" />
</resolver:DataConnector>
NOTE:
----
a. QueryTemplate is in JSON format
Jump to Line
Something went wrong with that request. Please try again.