<Attributes xmlns="urn:mace:shibboleth:2.0:attribute-map" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
<!--
SWAMID standard attribute-map.xml for SAML 2.0
==============================================
Each Attribute element maps a SAML attribute name (name) to the local id (id)
under which the Shibboleth SP exposes the decoded value.
The ids are either names agreed within the Shibboleth community or the LDAP attribute names themselves.
Version: 2023-10-18
REMEMBER to notify SWAMID saml-admins list when updating this file!

Security notes for deployers:
* This file only names and decodes attributes. It does not decide whether a value
  is acceptable from a given IdP; that is the job of the SP's attribute filter
  policy (typically attribute-policy.xml), which is not part of this file.
* The ids are the names the protected application sees, so renaming an id here
  changes what the application reads for authentication and authorization.
-->
<!-- New standard identifier attributes for SAML. -->
<!-- ScopedAttributeDecoder splits value@scope into value and scope. It does not
     check that the scope is one the issuing IdP may assert; confirm the filter
     policy carries a scope rule for every scoped id in this file
     (subject-id, pairwise-id, eppn, prior-eppn, affiliation). -->
<Attribute name="urn:oasis:names:tc:SAML:attribute:subject-id" id="subject-id">
<AttributeDecoder xsi:type="ScopedAttributeDecoder" caseSensitive="false"/>
</Attribute>
<Attribute name="urn:oasis:names:tc:SAML:attribute:pairwise-id" id="pairwise-id">
<AttributeDecoder xsi:type="ScopedAttributeDecoder" caseSensitive="false"/>
</Attribute>
<!-- Swedish -->
<!-- Personal identity number: sensitive personal data. Keep it out of
     application and web server logs, and request it only where it is needed. -->
<Attribute name="urn:oid:1.2.752.29.4.13" id="personalIdentityNumber"/>
<!-- A persistent id attribute that supports personalized anonymous access. -->
<!-- Both entries below map to the same id, so the application reads persistent-id
     regardless of which form the IdP sends. The formatter joins
     NameQualifier, SPNameQualifier and Name with "!"; defaultQualifiers="true"
     fills in a missing qualifier (per Shibboleth SP documentation, with the IdP
     and SP entityIDs). Applications should key on the whole formatted string,
     since the Name part alone is not unique across IdPs. -->
<!-- First, the eduPerson version with OID-style name: -->
<Attribute name="urn:oid:1.3.6.1.4.1.5923.1.1.1.10" id="persistent-id">
<AttributeDecoder xsi:type="NameIDAttributeDecoder" formatter="$NameQualifier!$SPNameQualifier!$Name" defaultQualifiers="true"/>
</Attribute>
<!-- Second, the SAML 2.0 NameID Format: -->
<Attribute name="urn:oasis:names:tc:SAML:2.0:nameid-format:persistent" id="persistent-id">
<AttributeDecoder xsi:type="NameIDAttributeDecoder" formatter="$NameQualifier!$SPNameQualifier!$Name" defaultQualifiers="true"/>
</Attribute>
<!-- eduPerson attributes until version 201602 -->
<!-- NOTE(review): eppn and prior-eppn omit caseSensitive, unlike the other scoped
     decoders in this file, so the SP default applies (case-sensitive, as far as
     the Shibboleth SP documentation states). Confirm this is intended, because
     it affects how applications and access rules compare these identifiers. -->
<Attribute name="urn:oid:1.3.6.1.4.1.5923.1.1.1.6" id="eppn">
<AttributeDecoder xsi:type="ScopedAttributeDecoder"/>
</Attribute>
<Attribute name="urn:oid:1.3.6.1.4.1.5923.1.1.1.12" id="prior-eppn">
<AttributeDecoder xsi:type="ScopedAttributeDecoder"/>
</Attribute>
<Attribute name="urn:oid:1.3.6.1.4.1.5923.1.1.1.9" id="affiliation">
<AttributeDecoder xsi:type="ScopedAttributeDecoder" caseSensitive="false"/>
</Attribute>
<Attribute name="urn:oid:1.3.6.1.4.1.5923.1.1.1.1" id="unscoped-affiliation">
<AttributeDecoder xsi:type="StringAttributeDecoder" caseSensitive="false"/>
</Attribute>
<!-- entitlement and assurance (below) commonly drive authorization decisions.
     They are plain strings with no decoder here, so any restriction on which
     IdP may assert which value has to come from the filter policy or the
     application itself. -->
<Attribute name="urn:oid:1.3.6.1.4.1.5923.1.1.1.7" id="entitlement"/>
<Attribute name="urn:oid:1.3.6.1.4.1.5923.1.1.1.5" id="primary-affiliation">
<AttributeDecoder xsi:type="StringAttributeDecoder" caseSensitive="false"/>
</Attribute>
<Attribute name="urn:oid:1.3.6.1.4.1.5923.1.1.1.2" id="nickname"/>
<Attribute name="urn:oid:1.3.6.1.4.1.5923.1.1.1.8" id="primary-orgunit-dn"/>
<Attribute name="urn:oid:1.3.6.1.4.1.5923.1.1.1.4" id="orgunit-dn"/>
<Attribute name="urn:oid:1.3.6.1.4.1.5923.1.1.1.3" id="org-dn"/>
<Attribute name="urn:oid:1.3.6.1.4.1.5923.1.1.1.11" id="assurance"/>
<Attribute name="urn:oid:1.3.6.1.4.1.5923.1.1.1.13" id="unique-id"/>
<Attribute name="urn:oid:1.3.6.1.4.1.5923.1.1.1.16" id="orcid"/>
<!-- eduMember attributes until version 200507 -->
<Attribute name="urn:oid:1.3.6.1.4.1.5923.1.5.1.1" id="member"/>
<!-- eduCourse attributes until version 200507 -->
<Attribute name="urn:oid:1.3.6.1.4.1.5923.1.6.1.1" id="eduCourseOffering"/>
<Attribute name="urn:oid:1.3.6.1.4.1.5923.1.6.1.2" id="eduCourseMember"/>
<!-- Attributes from the Nordic LDAP schema norEdu* until version 1.6 -->
<!-- Several of these (legal name, NIN, LIN, birth date) identify a person
     directly; treat them as sensitive personal data in the application. -->
<Attribute name="urn:oid:1.3.6.1.4.1.2428.90.1.10" id="norEduPersonLegalName"/>
<Attribute name="urn:oid:1.3.6.1.4.1.2428.90.1.5" id="norEduPersonNIN"/>
<Attribute name="urn:oid:1.3.6.1.4.1.2428.90.1.4" id="norEduPersonLIN"/>
<Attribute name="urn:oid:1.3.6.1.4.1.2428.90.1.6" id="norEduOrgAcronym"/>
<Attribute name="urn:oid:1.3.6.1.4.1.2428.90.1.3" id="norEduPersonBirthDate"/>
<Attribute name="urn:oid:1.3.6.1.4.1.2428.90.1.13" id="norEduPersonServiceAuthnLevel"/>
<Attribute name="urn:oid:1.3.6.1.4.1.2428.90.1.14" id="norEduPersonAuthnMethod"/>
<Attribute name="urn:oid:1.3.6.1.4.1.2428.90.1.7" id="norEduOrgUniqueIdentifier"/>
<Attribute name="urn:oid:1.3.6.1.4.1.2428.90.1.8" id="norEduOrgUnitUniqueIdentifier"/>
<Attribute name="urn:oid:1.3.6.1.4.1.2428.90.1.12" id="norEduOrgNIN"/>
<Attribute name="urn:oid:1.3.6.1.4.1.2428.90.1.1" id="norEduOrgUniqueNumber"/>
<Attribute name="urn:oid:1.3.6.1.4.1.2428.90.1.2" id="norEduOrgUnitUniqueNumber"/>
<!-- Attributes from the European SCHema for ACademia (SCHAC) until version 1.5.0 -->
<!-- schacHomeOrganization is mapped as a plain string; nothing in this file ties
     its value to the asserting IdP, so do not treat it as proof of the user's
     home organisation unless the filter policy constrains it. -->
<Attribute name="urn:oid:1.3.6.1.4.1.25178.1.2.1" id="schacMotherTongue"/>
<Attribute name="urn:oid:1.3.6.1.4.1.25178.1.2.2" id="schacGender"/>
<Attribute name="urn:oid:1.3.6.1.4.1.25178.1.2.3" id="schacDateOfBirth"/>
<Attribute name="urn:oid:1.3.6.1.4.1.25178.1.2.4" id="schacPlaceOfBirth"/>
<Attribute name="urn:oid:1.3.6.1.4.1.25178.1.2.5" id="schacCountryOfCitizenship"/>
<Attribute name="urn:oid:1.3.6.1.4.1.25178.1.2.6" id="schacSn1"/>
<Attribute name="urn:oid:1.3.6.1.4.1.25178.1.2.7" id="schacSn2"/>
<Attribute name="urn:oid:1.3.6.1.4.1.25178.1.2.8" id="schacPersonalTitle"/>
<Attribute name="urn:oid:1.3.6.1.4.1.25178.1.2.9" id="schacHomeOrganization"/>
<Attribute name="urn:oid:1.3.6.1.4.1.25178.1.2.10" id="schacHomeOrganizationType"/>
<Attribute name="urn:oid:1.3.6.1.4.1.25178.1.2.11" id="schacCountryOfResidence"/>
<Attribute name="urn:oid:1.3.6.1.4.1.25178.1.2.12" id="schacUserPresenceID"/>
<Attribute name="urn:oid:1.3.6.1.4.1.25178.1.2.13" id="schacPersonalPosition"/>
<Attribute name="urn:oid:1.3.6.1.4.1.25178.1.2.14" id="schacPersonalUniqueCode"/>
<Attribute name="urn:oid:1.3.6.1.4.1.25178.1.2.15" id="schacPersonalUniqueID"/>
<Attribute name="urn:oid:1.3.6.1.4.1.25178.1.2.17" id="schacExpiryDate"/>
<Attribute name="urn:oid:1.3.6.1.4.1.25178.1.2.18" id="schacUserPrivateAttribute"/>
<Attribute name="urn:oid:1.3.6.1.4.1.25178.1.2.19" id="schacUserStatus"/>
<Attribute name="urn:oid:1.3.6.1.4.1.25178.1.2.20" id="schacProjectMembership"/>
<Attribute name="urn:oid:1.3.6.1.4.1.25178.1.2.21" id="schacProjectSpecificRole"/>
<!-- Attributes from the late Swedish Alliance for Middleware Infrastructure (SWAMI) -->
<!-- GMAI authorization tuples, mostly sent as eduPersonEntitlement (entitlement above) -->
<Attribute name="urn:oid:1.2.752.104.2.3.1" id="swamiGmaiAssertion"/>
<!-- Unique identifier for billing recipients -->
<Attribute name="urn:oid:1.2.752.104.3.1.1" id="swamiBillingIdentifier"/>
<!-- Identifying a recipient of a monetary transfer within a single financials system -->
<Attribute name="urn:oid:1.2.752.104.3.1.2" id="swamiCostCenterIdentifier"/>
<!-- Attribute to extract SWAMID Assurance Profiles -->
<!-- NOTE(review): presumably this is read from the IdP's metadata rather than
     from the user's assertion, which would make it a statement about the IdP
     and distinct from the per-user "assurance" id above; verify against the
     SP's metadata attribute extraction settings before relying on it. -->
<Attribute name="urn:oasis:names:tc:SAML:attribute:assurance-certification" id="Assurance-Certification"/>
<!-- Examples of standard LDAP-based attributes -->
<!-- Values such as mail, displayName and uid are descriptive and can change or
     be reassigned; prefer the identifier attributes at the top of this file
     when an application needs a stable account key. -->
<Attribute name="urn:oid:2.5.4.3" id="cn"/>
<Attribute name="urn:oid:2.5.4.4" id="sn"/>
<Attribute name="urn:oid:2.5.4.42" id="givenName"/>
<Attribute name="urn:oid:2.16.840.1.113730.3.1.241" id="displayName"/>
<Attribute name="urn:oid:0.9.2342.19200300.100.1.1" id="uid"/>
<Attribute name="urn:oid:0.9.2342.19200300.100.1.3" id="mail"/>
<Attribute name="urn:oid:2.5.4.20" id="telephoneNumber"/>
<Attribute name="urn:oid:2.5.4.12" id="title"/>
<Attribute name="urn:oid:2.5.4.43" id="initials"/>
<Attribute name="urn:oid:2.5.4.13" id="description"/>
<Attribute name="urn:oid:2.16.840.1.113730.3.1.1" id="carLicense"/>
<Attribute name="urn:oid:2.16.840.1.113730.3.1.2" id="departmentNumber"/>
<Attribute name="urn:oid:2.16.840.1.113730.3.1.3" id="employeeNumber"/>
<Attribute name="urn:oid:2.16.840.1.113730.3.1.4" id="employeeType"/>
<Attribute name="urn:oid:2.16.840.1.113730.3.1.13" id="mailLocalAddress"/>
<Attribute name="urn:oid:2.16.840.1.113730.3.1.39" id="preferredLanguage"/>
<Attribute name="urn:oid:0.9.2342.19200300.100.1.10" id="manager"/>
<Attribute name="urn:oid:2.5.4.34" id="seeAlso"/>
<Attribute name="urn:oid:2.5.4.23" id="facsimileTelephoneNumber"/>
<Attribute name="urn:oid:2.5.4.9" id="street"/>
<Attribute name="urn:oid:2.5.4.18" id="postOfficeBox"/>
<Attribute name="urn:oid:2.5.4.17" id="postalCode"/>
<Attribute name="urn:oid:2.5.4.8" id="st"/>
<Attribute name="urn:oid:2.5.4.7" id="l"/>
<Attribute name="urn:oid:2.5.4.10" id="o"/>
<Attribute name="urn:oid:2.5.4.11" id="ou"/>
<Attribute name="urn:oid:2.5.4.15" id="businessCategory"/>
<Attribute name="urn:oid:2.5.4.19" id="physicalDeliveryOfficeName"/>
<Attribute name="urn:oid:0.9.2342.19200300.100.1.43" id="friendlyCountryName"/>
<Attribute name="urn:oid:2.5.4.6" id="countryName"/>
</Attributes>