I want a way to map user attribute values to multiple different values so as an integrator I can have flexibility in defining security logic/rules for metadata AuthZ based on user attributes.

Description

This is to provide a way to expand or change security attributes (from the SAML Assertion attribute statement) into different values. For example mapping someone with a higher-level attribute like "Manager" could be mapped to "Manager", "Employee", and "Cashier".

This solution should also look at options that can be used to split attributes up where necessary to perform the expansion mentioned above.

Environment

None

Status

Assignee

Bruce Beyeler

Reporter

Matthew Ramey

Labels

None

Fix versions

Affects versions

Priority

Minor
Configure