Today, the shibboleth user mapping can be configured, however only for a limited, hardcoded set of user properties. This should be refactored to a generic user property mapping similar to the configuration in the LDAP module.
- Generic list of shib-attributes to oo-properties mapping
- Refactor code in ShibbolethDispatcher and ShibbolethRegistrationController and move user-sync code to a new manager
- Update all user properties on login (except username and language)
Special thinking must go into how to generically sync the following kind of user attributes:
- multi-value shib attributes (save as comma separate oo-properties?)
- user language (code already there)
- gender (in UHH example an integer value)