This repository has been archived by the owner on Jun 24, 2022. It is now read-only.
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
- Loading branch information
Showing
3 changed files
with
30 additions
and
22 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -1,23 +1,27 @@ | ||
`subjectidattrs:PairwiseID` | ||
=================== | ||
|
||
Filter to insert a pairwise-id that complies with the following specification; | ||
http://docs.oasis-open.org/security/saml-subject-id-attr/v1.0/saml-subject-id-attr-v1.0.pdf | ||
Filter to insert a pairwise-id that complies with the [SAML V2.0 Subject Identifier Attributes Profile][specification]. | ||
|
||
This filter will take an attribute and a scope as input and transforms this into a anonymized and scoped | ||
identifier that is globally unique for a given user & service provider combination. | ||
[specification]: http://docs.oasis-open.org/security/saml-subject-id-attr/v1.0/saml-subject-id-attr-v1.0.pdf | ||
|
||
This filter will take an attribute and a scope as input and transforms this | ||
into a anonymized and scoped identifier that is globally unique for a given | ||
user & service provider combination. | ||
|
||
Note: | ||
Since the subject-id is specified as single-value attribute, only the first value of `identifyingAttribute` | ||
and `scopeAttribute` are considered. | ||
Since the subject-id is specified as single-value attribute, only the first | ||
value of `identifyingAttribute` and `scopeAttribute` are considered. | ||
|
||
Examples | ||
-------- | ||
|
||
```php | ||
'authproc' => [ | ||
50 => [ | ||
'class' => 'subjectidattrs:PairwiseID', | ||
'identifyingAttribute' => 'uid', | ||
'scopeAttribute' => 'scope', | ||
], | ||
], | ||
``` |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -1,26 +1,31 @@ | ||
`subjectidattrs:SubjectID` | ||
=================== | ||
|
||
Filter to insert a subject-id that complies with the following specification; | ||
http://docs.oasis-open.org/security/saml-subject-id-attr/v1.0/saml-subject-id-attr-v1.0.pdf | ||
Filter to insert a subject-id that complies with the [SAML V2.0 Subject Identifier Attributes Profile][specification]. | ||
|
||
This filter will take an attribute and a scope as input and transforms this into a scoped identifier that is globally unique for a given user. | ||
[specification]: http://docs.oasis-open.org/security/saml-subject-id-attr/v1.0/saml-subject-id-attr-v1.0.pdf | ||
|
||
This filter will take an attribute and a scope as input and transforms this | ||
into a scoped identifier that is globally unique for a given user. | ||
|
||
Note: | ||
----- | ||
If privacy is of your concern, you may want to use the PairwiseID-filter instead. | ||
If privacy is of your concern, you may want to use the PairwiseID-filter | ||
instead. | ||
|
||
Note: | ||
Since the subject-id is specified as single-value attribute, only the first value of `identifyingAttribute` | ||
and `scopeAttribute` are considered. | ||
Since the subject-id is specified as single-value attribute, only the first | ||
value of `identifyingAttribute` and `scopeAttribute` are considered. | ||
|
||
Examples | ||
-------- | ||
|
||
```php | ||
'authproc' => [ | ||
50 => [ | ||
'class' => 'subjectidattrs:SubjectID', | ||
'identifyingAttribute' => 'uid', | ||
'scopeAttribute' => 'scope', | ||
], | ||
], | ||
``` |