Menu
I'm successfully logging into my Service Provider test page with Shibboleth. I then go to the /Shibboleth.sso/Session page and I see the following:
Attributes
affiliation: 1 value(s)
entitlement: 1 value(s)
eppn: 1 value(s)
persistent-id: 1 value(s)
unscoped-affiliation: 1 value(s)
My question is... how do I go about reading these values? I don't see them in the HTTP Request header in Fiddler.
My web application will be implemented in ASP.NET MVC 4 (C#).
293
You can also set showAttributeValues to true in the Session handler in shibboleth2.xml. Note, this is not recommended in a production environment. Then restart the shibboleth service; the Attributes section of the Session page will include the actual values.
<!-- Session diagnostic service. -->
<Handler type="Session" Location="/Session" showAttributeValues="true"/>
You can read Shibboleth SAML attributes sent by the IdP using Request.ServerVariables object:
string server = Request.ServerVariables["HTTP_FIRSTNAME"];
See this if you want to list and print all the attributes in session.
Remember to configure Shibboleth attribute-map.xml to handle the custom attributes your IdP may send:
<Attribute name="firstname" id="firstname" nameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:unspecified">
<AttributeDecoder xsi:type="StringAttributeDecoder"/>
</Attribute>
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With
