[satosa-users] Adding to attribute maps

Hi again, Thanks to Scott’s help we managed to work out what the problem was… There needs to be the line “attribute_map_dir: attributemaps” in the saml frontend and backend config (under the idp_config, or sp_config). This is not included in the example config (have included it in a pull request), and was pretty difficult to work out without comparing mine and Scott’s files. Once we realised this there does actually seem to be a thread about it (maybe worth adding something to the docs?): https://lists.sunet.se/pipermail/satosa-dev/2018-February/000183.html Thank you **so** much to Scott for spending time with me to work this out! Cheers, Hannah On 7 Aug 2019, at 13:24, Hannah Short <hannah.short at cern.ch<mailto:hannah.short at cern.ch>> wrote: Hi again, @Rainer, thanks, that would be very helpful! @Scott, the simple test setup I created (which has the same problem) uses the internal_attributes.yaml as follows: attributes: eppn: saml: [eduPersonPrincipalName] swissEduPersonHomeOrganization: saml: [swissEduPersonHomeOrganization] user_id_from_attrs: [eppn] user_id_to_attr: eppn Cheers, Hannah On 7 Aug 2019, at 12:41, Rh at IDN <rh at identinetics.com<mailto:rh at identinetics.com>> wrote: Hi Hannah I did use the docker deployment, but I am using a custom attribute directory with custom mappings, and these are not R&E related. I can share the configuration later off-list. - Rainer Von meinem iPhone gesendet Am 07.08.2019 um 13:03 schrieb Scott Koranda <skoranda at gmail.com<mailto:skoranda at gmail.com>>: Hi, Thanks anyway - I guess I’ll have to go down the non-Docker route :) I am sure it will work. Can you send me your config files, specifically internal_attributes.yaml? Thanks, Scott K If anyone else has successfully added attributes to a docker deployment, please let me know! Cheers, Hannah On 7 Aug 2019, at 10:54, Scott Koranda <skoranda at gmail.com<mailto:skoranda at gmail.com>> wrote: Hi, I’m not totally sure what you mean by undefined. I’m using the docker setup where there seem to be separate files for SAML and Shibboleth attributes: saml_uri.py and shibboleth_uri.py. Sorry, my bad. I do not use the Docker image from the SATOSA project. I build my own and use different names for the files in the attribute maps directory. The Swiss attributes seem to be correctly defined in saml_uri.py (you can see them at https://github.com/IdentityPython/SATOSA/pull/270/files#diff-a97bd52d95d3b3…) SWISSEDUPERSON_OID = 'urn:oid:2.16.756.1.2.5.1.1.’ SWISSEDUPERSON_OID+’4’=‘swissEduPersonHomeOrganization’ Yes, I agree. If your image/container is really using those versions of the files then the mappings are properly defined. I made a simplified version of my config at (will send it to you directly on Slack). Thanks, Scott K _______________________________________________ satosa-users mailing list satosa-users at lists.sunet.se<mailto:satosa-users at lists.sunet.se> https://lists.sunet.se/listinfo/satosa-users _______________________________________________ satosa-users mailing list satosa-users at lists.sunet.se<mailto:satosa-users at lists.sunet.se> https://lists.sunet.se/listinfo/satosa-users