I have different SPs that use my IDP Shibboleth, but for each of them I want to send different attributes in the SAML response.
Is there a way to achieve this?
Maybe use different attribute-resolver files, or maybe the same one but with some configuration on the AttributeDefinition that I can set so that shibboleth knows what values to resolve?
I haven't found anything regarding this on their wiki.
I would suggest you look into the topic of attribute mapping. With this, you can define filters on your Service Providers. Collect all attributes you need for all SPs on your IDP and then filter the ones you need on your Service Provider.
Example: SP 1 needs an attribute called email_1 and SP 2 needs email_2.
Then your attribute-resolver.xml might look something like this:
<AttributeDefinition xsi:type="Simple" id="email_1">
<InputDataConnector ref="myDB" attributeNames="email_1"/>
<AttributeEncoder xsi:type="SAML1String" name="urn:mace:dir:attribute-def:uid"/>
<AttributeEncoder xsi:type="SAML2String" name="urn:oid:0.9.2342.19200300.100.1.3" friendlyName="email_1" encodeType="false"/>
</AttributeDefinition>
<AttributeDefinition xsi:type="Simple" id="email_2">
<InputDataConnector ref="myDB" attributeNames="email_2"/>
<AttributeEncoder xsi:type="SAML1String" name="urn:mace:dir:attribute-def:uid2"/>
<AttributeEncoder xsi:type="SAML2String" name="urn:oid:0.9.2342.19200300.100.1.4" friendlyName="email_2" encodeType="false"/>
</AttributeDefinition>
<DataConnector id="myDB" xsi:type="RelationalDatabase">
<SimpleManagedConnection jdbcDriver="com.mysql.jdbc.Driver"
jdbcURL="jdbc:mysql://localhost:3306/login"
jdbcUserName="bla"
jdbcPassword="blabla"/>
<QueryTemplate>
<![CDATA[
SELECT
mail_1,
mail_2
FROM login
WHERE
mail_1 = '$resolutionContext.principal'
]]>
</QueryTemplate>
<Column columnName="mail_1" attributeID="mail_1"/>
<Column columnName="mail_2" attributeID="mail_2"/>
</DataConnector>
Then, on your Service Provider 1 in attribute-map.xml, you filter out only the attribute you need:
<Attribute name="urn:oid:0.9.2342.19200300.100.1.3" id="mail_1" />
<Attribute name="urn:mace:dir:attribute-def:uid" id="mail_1" />
So when the SP1 receives both mail_1 and mail_2 attributes, mail_2 will be rejected because it's not in your attribute-map.xml file.
Related
I am creating a report which should contain the Report Name, request id of the report, operating unit as well as date and time of the report submitted.
I am not sure how to do that.
Basically I need information related to the report on Oracle EBS to be displayed in the output xml.
Operating Unit: Use a hidden parameter on your concurrent request definition or just select it in your data definition.
These can be used in select statements. You can either get, or derive, what you need to from these.
fnd_profile.value('PROFILEOPTION')
fnd_profile.value('MFG_ORGANIZATION_ID')
fnd_profile.value('ORG_ID') --Operating Unit
fnd_profile.value('LOGIN_ID')
fnd_profile.value('USER_ID')
fnd_profile.value('USERNAME')
fnd_profile.value('CONCURRENT_REQUEST_ID')
fnd_profile.value('GL_SET_OF_BKS_ID')
fnd_profile.value('SO_ORGANIZATION_ID')
fnd_profile.value('APPL_SHRT_NAME')
fnd_profile.value('RESP_NAME')
fnd_profile.value('RESP_ID')
fnd_profile.value('PER_BUSINESS_GROUP_ID')
fnd_profile.value('GL_SET_OF_BKS_ID')
fnd_profile.value('CURRENT_ORG_CONTEXT')
Something like this:
<dataQuery>
<sqlStatement name="Q_GENERAL_INFO">
<![CDATA[
SELECT USERENV('LANG') language_code,
sysdate print_date,
fnd_profile.value('USERNAME') username
FROM dual
]]></sqlStatement>
</dataQuery>
Then you can make a section in your XML to select them into the XML.
<dataStructure>
<group name="General_Info" source="Q_GENERAL_INFO">
<element name="Language_Code" value="language_code"></element>
<element name="Print_Date" value="print_date"></element>
<element name="Username" value="username"></element>
</group>
</dataStructure>
Trying to place a file in multiple directories using single outbound adapter using spring-integration-file.
In order to achieve that, having a loop in front of the file:outbound-gateway to modify message header target directory on each iteration and send all of them to the same channel again and again till the target count decreases to 0.
Able to loop back to the header enricher channel.but Since we are enriching the header value for the same header name again. the value is not getting updated for header name TARGET_DIR. There is no exception also.
Would like to know some solution if its possible to update the header value again and again for the same header name or is it possible to give the dynamic header name at runtime.
Have tried to delete the TARGET_DIR header using header:filter while looping back. But did not work out.
!-- header enricher -->
<integration:header-enricher input-channel="filesHeaderEnricherChannel" output-channel="filesOut">
<integration:header name="TARGET_COUNT" method="getTargetCount" ref="headerEnricher"/>
<integration:header name="TARGET_DIR" method="getTargetPath" ref="headerEnricher"/>
</integration:header-enricher>
<integration:chain id="filesOutChain" input-channel="filesOut" output-channel="filesOutChainChannel">
<integration:transformer expression="headers.FILE"/>
<file:outbound-channel-adapter id="fileMover"
auto-create-directory="true"
directory-expression="headers.TARGET_DIR"
mode="REPLACE">
<file:request-handler-advice-chain>
<ref bean="retryAdvice" />
</file:request-handler-advice-chain>
</file:outbound-channel-adapter>
</integration:chain>
<!-- decreasing the count on each loop -->
<!-- looping to header enricher channel again as output channel to update the target directory -->
<integration:filter input-channel="filesOutChainChannel" expression="headers.TARGET_COUNT != 0" output-channel="filesHeaderEnricherChannel"
discard-channel="filesArchiveChannel">
</<integration:filter>
You are missing the fact that header-enricher has an extra option:
<xsd:attribute name="default-overwrite">
<xsd:annotation>
<xsd:documentation>
Specify the default boolean value for whether to overwrite existing
header values. This will
only
take effect for
sub-elements that do not provide their own 'overwrite' attribute. If the
'default-overwrite'
attribute is not
provided, then the specified header values will NOT overwrite any
existing ones with the same
header
names.
</xsd:documentation>
</xsd:annotation>
<xsd:simpleType>
<xsd:union memberTypes="xsd:boolean xsd:string" />
</xsd:simpleType>
</xsd:attribute>
As well as the sub-element header has its own:
<xsd:attribute name="overwrite">
<xsd:annotation>
<xsd:documentation>
Boolean value to indicate whether this header value should overwrite an
existing header value for
the same name.
</xsd:documentation>
</xsd:annotation>
<xsd:simpleType>
<xsd:union memberTypes="xsd:boolean xsd:string" />
</xsd:simpleType>
</xsd:attribute>
See also docs on the matter: https://docs.spring.io/spring-integration/docs/current/reference/html/message-transformation.html#header-enricher
i need following things but unfortunately i am unable to do it,
can any one help then appreciate....!!!
NOTE : classANumber, classABNumber both field is not available into Database - it's custom field for our bean.
ABC.hbm.xml
<property name="classANumber" lazy="false" type="java.lang.String" formula="(select ac.classNumber from accessClass ac)"/>
<property name="classABNumber" lazy="false" type="java.lang.String" formula="(select abc.classNumber from accessBothClass abc where ac.classCombileNumber = classANumber)"/>
Above is my .hbm.xml file configuration.
Actually, I want to use value of 'classANumber' property into another custom-field's value searching query.
i'm working with spring integration and i have the next case: i'm reading a XML file with an int-file:inbound-channel-adapter and i split the file with a int-xml:xpath-splitter, the thing is that i need to move the file after been splitted.
I want all features of int-xml:xpath-splitter plus moving the file, should i implement a custom splitter extending XPathMessageSplitter? or is there any other way to do that with an out-of-box components?
Thanks.
<int-xml:xpath-splitter id="salesTransSplitter"
input-channel="salesInputChannel"
output-channel="splitterOutChannel" order="1">
<int-xml:xpath-expression expression="/sales_transactions/trans"/>
</int-xml:xpath-splitter>
Something like this should work...
<int-file:inbound ... channel="foo" />
<int:publish-subscribe-channel id="foo" />
<int-xml:xpath-splitter input-channel="foo" ... order="1" />
<int-service-activator input-channel="foo" order="2"
expression="payload.renameTo(new java.io.File('/newDir/' + payload.name)" output-channel="nullChannel" />
If you want to test the rename was successful, send to some other channel other than nullChannel - boolean true means success.
EDIT
Sorry about that; order should be supported on every consuming endpoint, I will open a JIRA issue.
The order is not strictly necessary; if no order is present, the order they appear in the configuration will be used; I just prefer to make it explicit.
There are (at least) two work arounds:
Remvoe the order attribute from BOTH consumers and they will be invoked in the order they appear in the XML.
Configure the XPath splitter as a normal splitter, which does support order...
<int:splitter id="salesTransSplitter" order="1"
input-channel="salesInputChannel"
output-channel="splitterOutChannel" order="1">
<bean class="org.springframework.integration.xml.splitter.XPathMessageSplitter">
<constructor-arg value="/sales_transactions/trans" />
</bean>
</int-xml:xpath-splitter>
I would like to modify (add/remove) the list of outbound-gateway using the loadbalancing of input channel. My code :
<int:channel id="mainRequestChannel" />
<int-http:outbound-gateway request-channel="mainRequestChannel" message-converters="messageConverters"
request-factory="httpRequestFactory" url="http://localhost:8100/batchfactory-slave/receiveGateway"
http-method="POST" expected-response-type="JobLaunchingResponse" order="1" reply-channel="finishedResponse" />
<int-http:outbound-gateway request-channel="mainRequestChannel" message-converters="messageConverters"
request-factory="httpRequestFactory" url="http://localhost:8090/batchfactory-slave/receiveGateway"
http-method="POST" expected-response-type="JobLaunchingResponse" order="2" reply-channel="finishedResponse" />
I modify this and I have now a dynamicRouter :
<int:channel id="mainRequestChannel" />
<int:router input-channel="mainRequestChannel" expression="#dynamicChannelResolver.resolve()"/>
But there is only 1 subscriber for the mainRequestChannel so the load balancer which is the default behaviour doesn't work.
Thanks for your help.
See the dynamic-ftp sample. You would essentially put the outbound gateway in its own context with parameters for the URL etc. However, unlike that example, you would need to make the context a child of the main context (so it will be able to reference the finishedResponsechannel).
The sample README has a link to some forum discussions where that technique is explained.
Alternatively, you can wire up the necessary classes yourself - you would need a EventDrivenConsumer with mainRequestChannel and a properly configured HttpRequestExecutingMessageHandler in its constructor.