JA T3 Framework

Fast. Flexible. Powerful


How to add scope to eduPersonPrincipalName

In the WAYF federation your are required to add your organization scope to the eduPersonPrincipalName attribute. SimpleSAMLphp do not have functionality to do this out of the box, but you can use the PHP authentication process filter located in the core module i the trunk version of simpleSAMLphp.

To do this first get the PHP filter. You can copy-paste it from here and put it in the core module. Now you can configure the module to add the scope to the eduPersonPrinciplaName attribute, by doing the following

10 => array(
    'class' => 'core:PHP',
    'code' => '
        if (empty($attributes["eduPersonPrincipalName"])) {
            throw new Exception("Missing eduPersonPrincipalName attribute.");

        $eppn = $attributes["eduPersonPrincipalName"][0];
        $new_eppn = $eppn . "@scope.net";
            $attributes["eduPersonPrincipalName"] = array($new_eppn);

REMEMBER you can only use " inside the code block.

WAYF – Where Are You From
Asmussens Allé, bygning 305
2800 Kgs. Lyngby


You are here