Working with OGNL and Multi-valued Attributes

Tuesday, February 26, 2013
12:00 pm (GMT-05:00)

As part of a SAML assertion you may need to send group membership extracted from an LDAP directory, which can be easily sent as a multi-valued attribute in the assertion. Extracting that information to include in an assertion, is something you can do easily in PingFederate but often you need to modify this list of groups.

In this session, you will be shown how to use Object-Graph Navigation Language (OGNL) to extract only certain groups from the list, and how to take the distinguished name (DN) value and only send the common name (CN) for the group.

