565
szerkesztés
Módosítások
→Attribute conversion rule types
== Attribute conversion rule types ==
=== BasicRule ===
The Basic rule is the simplest attribute conversion rule type. It can create one attribute and optionally use one attribute and regular expressions to transform attribute values.
Basic Rule can create static attributes. You can archieve this by omitting the Condition node.
<BasicRule>
<Description>Create static attribute (or replace existing if attribute with this name already exists)</Description>
<Attribute attributeName="eduPersonScopedAffiliation" replaceValues="true">
<AttributeValue>staff@niif.hu</AttributeValue>
</Attribute>
</BasicRule>
The next rule is using remote provider matching to determine whether the remote side has an identifier of 'urn:geant:edugain:be:' and any hungarian domain appended to it.
<BasicRule>
<Description>Create static attribute for some remote providers</Description>
<Condition>
<RemoteProviderMatch>^urn:geant:edugain:be:[^:]+\.hu$</RemoteProviderMatch>
</Condition>
<Attribute attributeName="homeOrganization">
<AttributeValue>niif.hu</AttributeValue>
</Attribute>
</BasicRule>
This example shows how to rename an attribute without converting its values. Note that you must use AttributeMatch without regular expressions to archieve this.
<BasicRule>
<Description>Rename attribute uid to edupersonPrincipalName</Description>
<Condition>
<AttributeMatch attributeName="uid"/>
</Condition>
<Attribute attributeName="edupersonPrincipalName">
<AttributeValue>${uid}</AttributeValue>
</Attribute>
The next example demonstrates the use of regular expression matching groups.
<BasicRule>
<Decription>Transform o=org,c=country style OrgDN to dns-based homeOrganization</Decription>
<Condition>
<AttributeMatch attributeName="edupersonOrgDN" id="regex">o=(.*),c=(.*)</AttributeMatch>
</Condition>
<Attribute attributeName="homeOrganization">
<AttributeValue>${regex[1]}.${regex[2]}</AttributeValue>
</Attribute>
This latter needs some more explanation. When you want to reference the regular expression matching groups (enclosed by parentheses), you must define the reference name with the 'id' parameter of AttributeMatch. Then, use ${id[0]} to refer to the whole regular expression match (ie. the whole attribute value), and ${id[N]} to refer to the Nth. matching group of the regular expression.
=== MergeRule ===
=== SplitRule ===
