Versions Compared

Old Version 3

changes.mady.by.user Tom Zeller

Saved on

compared with

New Version 4

changes.mady.by.user Tom Zeller

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.
Include Page
spaceKeyGrouper
pageTitleNavigation
Table of Contents

Overview

As of version 2.1.0, the grouper-shib project (grouper-shib.jar) provides Data Connector extensions and Attribute Definition extensions for the Shibboleth Attribute Resolver.

...

Code Block
xml
xml
<dependency>
  <groupId>edu.internet2.middleware.grouper</groupId>
  <artifactId>grouper-shib</artifactId>
  <version>2.1.0</version>
</dependency>

Grouper Data Connectors

Group Data Connector

The GroupDataConnector returns attributes which represent a Grouper Group.

...

Code Block
xml
xml
<resolver:DataConnector id="GroupDataConnector" xsi:type="grouper:GroupDataConnector">
  <grouper:Attribute id="<members|group>[:<all|immediate|effective|composite>[:<list name>]]" />
</resolver:DataConnector>

GroupDataConnector - Default List (Members)

The following example will return an attribute named "member" whose values are the "name" of every member from the "jdbc" subject source of the default "members" list of a group :

Code Block
xml
xml
<resolver:DataConnector id="GroupDataConnector" xsi:type="grouper:GroupDataConnector">
  <grouper:Attribute id="members" />
</resolver:DataConnector>

<resolver:AttributeDefinition id="member" xsi:type="grouper:Member" sourceAttributeID="members" >
  <resolver:Dependency ref="GroupDataConnector" />
  <grouper:Attribute id="name" source="jdbc" />
</resolver:AttributeDefinition>

GroupDataConnector - List (Membership) Scope

The following example will return an attribute named "immediateMembers" whose values are the "name" of every immediate member from the "jdbc" source of the default "members" list of a group :

Code Block
xml
xml
<resolver:DataConnector id="GroupDataConnector" xsi:type="grouper:GroupDataConnector">
  <grouper:Attribute id="members:immediate" />
</resolver:DataConnector>

<resolver:AttributeDefinition id="immediateMembers" xsi:type="grouper:Member" sourceAttributeID="members:immediate" >
  <resolver:Dependency ref="GroupDataConnector" />
  <grouper:Attribute id="name" source="jdbc" />
</resolver:AttributeDefinition>

GroupDataConnector - Custom List (Membership)

The following example will return an attribute named "customMembers" whose values are the "name" of every member from the "jdbc" source of the "customList" list of a group :

Code Block
xml
xml
<resolver:DataConnector id="GroupDataConnector" xsi:type="grouper:GroupDataConnector">
  <grouper:Attribute id="members:all:customList" />
</resolver:DataConnector>

<resolver:AttributeDefinition id="customMembers" xsi:type="grouper:Member" sourceAttributeID="members:all:customList" >
  <resolver:Dependency ref="GroupDataConnector" />
  <grouper:Attribute id="name" source="jdbc" />
</resolver:AttributeDefinition>

GroupDataConnector - Member Of List

The following example will return an attribute named "isMemberOf" whose values are the "name" of every group of which the group is a member of :

Code Block
xml
xml

<resolver:DataConnector id="GroupDataConnector" xsi:type="grouper:GroupDataConnector">
  <grouper:Attribute id="groups" />
</resolver:DataConnector>

<resolver:AttributeDefinition id="isMemberOf" xsi:type="grouper:Group" sourceAttributeID="groups" >
  <resolver:Dependency ref="GroupDataConnector" />
  <grouper:Attribute id="name" />
</resolver:AttributeDefinition>

...

Code Block
xml
xml
<resolver:DataConnector id="GroupDataConnector" xsi:type="grouper:GroupDataConnector">
  <grouper:Attribute id="admins" />
</resolver:DataConnector>

<resolver:AttributeDefinition id="admin" xsi:type="grouper:Subject" sourceAttributeID="admins" >
  <resolver:Dependency ref="GroupDataConnector" />
  <grouper:Attribute id="name" source="jdbc" />
</resolver:AttributeDefinition>

Member Data Connector

The MemberDataConnector returns attributes which represent a Grouper Member. Returned attributes, lists, and privileges must be specified to maximize retrieval performance.

...

Code Block
xml
xml
<resolver:DataConnector id="MemberDataConnector" xsi:type="grouper:MemberDataConnector">
  <grouper:Attribute id="admins" />
</resolver:DataConnector>

<resolver:AttributeDefinition id="admin" xsi:type="grouper:Group" sourceAttributeID="admins" >
  <resolver:Dependency ref="MemberDataConnector" />
  <grouper:Attribute id="name" />
</resolver:AttributeDefinition>

Stem Data Connector

The StemDataConnector returns stems from Grouper. The attributes returned for a stem include built-in attributes such as id, name, displayName, extension, displayExtension, and description, as well as custom attributes and attribute framework attributes.

Code Block
xml
xml
<resolver:DataConnector id="StemDataConnector" xsi:type="grouper:StemDataConnector" />

Filters

Objects returned by the data connectors may be filtered.

...

Code Block
xml
xml
<resolver:DataConnector id="testFilterStemNameExact" xsi:type="grouper:StemDataConnector">
    <grouper:Filter xsi:type="grouper:StemNameExact" name="parentStem" />
  </resolver:DataConnector>

...

Group Attribute Definition
The GroupAttributeDefinition returns Group attributes.
...
 Code Block
xml
xml
<resolver:AttributeDefinition id="isMemberOf" xsi:type="grouper:Group" sourceAttributeID="groups" >
  <resolver:Dependency ref="GroupDataConnector" />
  <grouper:Attribute id="name" />
</resolver:AttributeDefinition>

Member Attribute Definition
The MemberAttributeDefinition returns Member attributes.
...
 Code Block
xml
xml
<resolver:AttributeDefinition id="member" xsi:type="grouper:Member" sourceAttributeID="members" >
  <resolver:Dependency ref="GroupDataConnector" />
  <grouper:Attribute id="name" source="jdbc" />
</resolver:AttributeDefinition>

Subject Attribute Definition
The SubjectAttributeDefinition returns Subject attributes.
...