<AttributeResolver xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns="urn:mace:shibboleth:resolver:1.0" xsi:schemaLocation="urn:mace:shibboleth:resolver:1.0 shibboleth-resolver-1.0.xsd">

  <SimpleAttributeDefinition id="urn:mace:dir:attribute-def:sn"> 
    <DataConnectorDependency requires="directory"/> 
  </SimpleAttributeDefinition> 

  <SimpleAttributeDefinition id="urn:mace:dir:attribute-def:givenName"> 
    <DataConnectorDependency requires="directory"/> 
  </SimpleAttributeDefinition> 

  <SimpleAttributeDefinition id="urn:mace:dir:attribute-def:cn"> 
    <DataConnectorDependency requires="directory"/> 
  </SimpleAttributeDefinition> 

<!-- 
     Esempio in cui un attributo ha un nome diverso su ldap:
-->
  <SimpleAttributeDefinition id="urn:mace:dir:attribute-def:mail" sourceName="unitestmailprincipale">
    <DataConnectorDependency requires="directory"/> 
  </SimpleAttributeDefinition>

  <SimpleAttributeDefinition id="urn:mace:dir:attribute-def:telephoneNumber" sourceName="unimoretelephonenumber">
    <DataConnectorDependency requires="directory"/> 
  </SimpleAttributeDefinition>

<!-- 
     Esempio in cui un attributo scoped:
-->

  <SimpleAttributeDefinition id="urn:mace:dir:attribute-def:eduPersonScopedAffiliation" smartScope="unimore.it">
    <AttributeDependency requires="urn:mace:dir:attribute-def:eduPersonAffiliation"/>
  </SimpleAttributeDefinition>

<!--
    Definizione di eduPersonTargetedId
    per sourceName si e' scelto dn che deve essere unico
-->
  <SAML2PersistentID id="urn:oid:1.3.6.1.4.1.5923.1.1.1.10" sourceName="dn">
    <DataConnectorDependency requires="directory"/>
    <Salt><![CDATA[segreto_scelto_da_voi_lungo_almeno_16_caratteri]]></Salt>
    <!--<Salt keyStorePath="file:///usr/local/shibboleth-idp/etc/persistent.jks" keyStoreKeyAlias="handleKey" keyStorePassword="shibhs" keyStoreKeyPassword="shibhs"/>-->
  </SAML2PersistentID>

<!-- 
     Un altro attributo scoped:
-->
  
  <SimpleAttributeDefinition id="urn:mace:dir:attribute-def:eduPersonPrincipalName" smartScope="unimore.it">
    <AttributeDependency requires="urn:mace:dir:attribute-def:uid"/>
  </SimpleAttributeDefinition>

  <SimpleAttributeDefinition id="urn:mace:dir:attribute-def:uid"> 
    <DataConnectorDependency requires="directory"/> 
  </SimpleAttributeDefinition> 

<!--
    Da aggiungere (se disponibili nella gestione delle identita'):
    - preferredLanguage
    - schacMotherTongue
    - title
    - eduPersonEntitlement
    - schacPersonalTitle
    - schacUserPresenceID
    - schacUserPrivateAttribute
-->


  <JNDIDirectoryDataConnector id="directory"> 
    <Search filter="uid=%PRINCIPAL%"> 
      <Controls searchScope="SUBTREE_SCOPE" returningObjects="false"/> 
    </Search> 
    <Property name="java.naming.factory.initial" value="com.sun.jndi.ldap.LdapCtxFactory"/> 
    <Property name="java.naming.provider.url" value="ldap://ldap1.unimo.it/ou=People,dc=unitest,dc=it"/> 
    <Property name="java.naming.security.principal" value="cn=adminshib,dc=unitest,dc=it"/>
    <Property name="java.naming.security.credentials" value="secret"/>
    <Property name="java.naming.security.protocol" value="ssl"/> 
  </JNDIDirectoryDataConnector>
  

</AttributeResolver>