locked
Modifying attributes for outgoing claims. RRS feed

  • Question

  • I have a requirement to pass first name, surname and SIP address. This all seemed straight forward until I was aslo handed the requirement to strip the leading "sip:" from the SIP address (msRTCSIP-PrimaryUserAddress is of the format "sip:username@domain.name").

    Setting up the relying part trust was, as usual, easy until I cane to edit the rule language. I was a little naïve to think that it would be a quick RegExReplace("^sip:","").

    My problem is, where does this fit into the current claim language? I have the following, but am unsure how to perform this replace...

    c:[Type == "http://schemas.microsoft.com/ws/2008/06/identity/claims/windowsaccountname", Issuer == "AD AUTHORITY"] => issue(store = "Active Directory", types = ("http://schemas.xmlsoap.org/ws/2005/05/identity/claims/nameidentifier", "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/surname", "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/givenname"), query = ";msRTCSIP-PrimaryUserAddress,sn,givenName;{0}", param = c.Value);


    Tuesday, September 27, 2016 1:41 PM

Answers

  • Sorted it (if anyone is interested). The missing puzzle piece was to split the rules into 3. The first returned the surname and given name, this simplified the language and only left one variable to play with. The second rule queried Active Directory for the msRTCSIP-PrimaryUserAddress value and assigned it to a variable. The third performed the RegExReplace on this variable and passed it back. This can be seen below. This may not be the correct way or even the most efficient way, but it worked.

    Hope this may be of help to someone else as lost as I was.

    c:[Type == "http://schemas.microsoft.com/ws/2008/06/identity/claims/windowsaccountname", Issuer == "AD AUTHORITY"]
     => issue(store = "Active Directory", types = ("http://schemas.xmlsoap.org/ws/2005/05/identity/claims/surname", "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/givenname"), query = ";sn,givenName;{0}", param = c.Value);
    

    c:[Type == "http://schemas.microsoft.com/ws/2008/06/identity/claims/windowsaccountname", Issuer == "AD AUTHORITY"]
     => add(store = "Active Directory", types = ("SIP"), query = ";msRTCSIP-PrimaryUserAddress;{0}", param = c.Value);
    

    c1:[Type == "SIP"]
     => issue(Type = "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/nameidentifier", Value = RegExReplace(c1.Value, "^sip:", ""));
    

    Wednesday, September 28, 2016 11:27 AM

All replies

  • Sorted it (if anyone is interested). The missing puzzle piece was to split the rules into 3. The first returned the surname and given name, this simplified the language and only left one variable to play with. The second rule queried Active Directory for the msRTCSIP-PrimaryUserAddress value and assigned it to a variable. The third performed the RegExReplace on this variable and passed it back. This can be seen below. This may not be the correct way or even the most efficient way, but it worked.

    Hope this may be of help to someone else as lost as I was.

    c:[Type == "http://schemas.microsoft.com/ws/2008/06/identity/claims/windowsaccountname", Issuer == "AD AUTHORITY"]
     => issue(store = "Active Directory", types = ("http://schemas.xmlsoap.org/ws/2005/05/identity/claims/surname", "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/givenname"), query = ";sn,givenName;{0}", param = c.Value);
    

    c:[Type == "http://schemas.microsoft.com/ws/2008/06/identity/claims/windowsaccountname", Issuer == "AD AUTHORITY"]
     => add(store = "Active Directory", types = ("SIP"), query = ";msRTCSIP-PrimaryUserAddress;{0}", param = c.Value);
    

    c1:[Type == "SIP"]
     => issue(Type = "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/nameidentifier", Value = RegExReplace(c1.Value, "^sip:", ""));
    

    Wednesday, September 28, 2016 11:27 AM
  • Thank you for sharing!

    Note: Posts are provided “AS IS” without warranty of any kind, either expressed or implied, including but not limited to the implied warranties of merchantability and/or fitness for a particular purpose.

    Wednesday, September 28, 2016 1:42 PM