在IdP身份验证之后/SP重定向之前将文本追加到用户的帐户 [英] Appending text to user's account after IdP authentication / before SP redirect
问题描述
在他们经过IdP验证之后,并且系统将他们重定向到SP之前,我需要将电子邮件域(@ domain.com)附加到用户的帐户中.
I need to append the email domain (@domain.com) to a user's account after they are IdP validated, and before the system redirects them to the SP.
我正在使用此页面提供帮助,但是无法断言我是直接输入其他文本还是引用从LDAP检索到的另一个属性:
I am using this page for assistance but am unable to assert whether I will type in the additional text literally, or by referencing another attribute retrieved from LDAP: http://simplesamlphp.org/docs/stable/simplesamlphp-authproc
推荐答案
您必须在metadata/saml20-idp-hosted.php
You must apply the filter at the metadata/saml20-idp-hosted.php
使用 PHP过滤器:
'authproc.idp' => array(
60 => array(
'class' => 'core:PHP',
'code' => '
if (!empty($attributes["uid"])) {
$mail = $attributes["uid"][0] . "@domain.com";
$attributes["mail"] = array($mail);
} //Closing bracket was missing
',
),
),
例如,此过滤器基于"uid"属性创建"mail"属性. 请注意,$ attributes处的属性值始终是一个数组.
This filter for example create a 'mail' attribute based on an 'uid' attribute. Note that attribute values at the $attributes are always an array.
这篇关于在IdP身份验证之后/SP重定向之前将文本追加到用户的帐户的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!