diff --git a/defaults/main.yml b/defaults/main.yml
index e4f82e0..d35f570 100644
--- a/defaults/main.yml
+++ b/defaults/main.yml
@@ -73,6 +73,21 @@ hydra_saml_app_description: Authentification via SAML
hydra_saml_app_icon_url:
hydra_saml_idp_entity_id: https://samltest.id/saml/idp
hydra_saml_idp_metadata_url: https://samltest.id/saml/idp
+hydra_saml_allowed_redirects: []
+
+hydra_saml_subject_header: subject-id
+hydra_saml_headers_attributes_mapping:
+ - header: mail
+ attribute: email
+ required: true
+
+saml_attributes:
+ - id: uid
+ name: urn:oid:0.9.2342.19200300.100.1.1
+ nameFormat: urn:oasis:names:tc:SAML:2.0:attrname-format:uri
+ - id: mail
+ name: urn:oid:0.9.2342.19200300.100.1.3
+ nameFormat: urn:oasis:names:tc:SAML:2.0:attrname-format:uri
# OIDC Test configuration
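Review bot: `saml_attributes` is the only variable added in this hunk without the `hydra_saml_` prefix used by the neighbouring defaults. Ansible role defaults share one namespace with the rest of the play, so another role or an inventory that defines `saml_attributes` would silently change which SAML attributes the SP maps. Consider renaming it to `hydra_saml_attributes` and updating the `{% for item in saml_attributes %}` loop in templates/shibboleth-attribute-map.inc.xml.j2 to match. A comment above `hydra_saml_allowed_redirects: []` would also help, for example `# Redirect targets allowed in addition to the SP's own host (consumed as SP_SESSIONS_REDIRECT_ALLOW)`.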
diff --git a/templates/cadoles-pod-shibboleth-sp-v3.conf.j2 b/templates/cadoles-pod-shibboleth-sp-v3.conf.j2
index 88d0533..72816b1 100644
--- a/templates/cadoles-pod-shibboleth-sp-v3.conf.j2
+++ b/templates/cadoles-pod-shibboleth-sp-v3.conf.j2
@@ -8,7 +8,8 @@ PODMAN_ARGS="\
-e 'APACHE_BACKEND_URL=http://10.0.2.2:3003' \
-e 'APACHE_FORCE_HTTPS={{ "true" if haproxy_public_base_url.startswith('https') else "false" }}' \
-e 'SP_HANDLER_BASE_PATH={{ haproxy_hydra_saml_base_path }}' \
+ -e 'SP_SESSIONS_REDIRECT_LIMIT=host+allow' \
+ -e 'SP_SESSIONS_REDIRECT_ALLOW={{ hydra_saml_allowed_redirects | join(',') }}' \
-v '/etc/shibboleth/attribute-map.inc.xml:/etc/shibboleth/attribute-map.inc.xml' \
- -v '/etc/shibboleth/shibboleth2.xml.gotmpl:/etc/shibboleth/shibboleth2.xml.gotmpl' \
-v '/etc/shibboleth/credentials:/etc/shibboleth/credentials' \
"
\ No newline at end of file
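Review bot: The entries of `hydra_saml_allowed_redirects` reach `SP_SESSIONS_REDIRECT_ALLOW` without validation, and Shibboleth compares `redirectAllow` entries as URL prefixes. An entry written without a trailing slash (for example `https://app.example.org`) would therefore also match a longer hostname that begins with the same string. Each entry should be a full origin ending in `/`, documented next to the default and ideally enforced with an `assert` task in the role. Shibboleth's own `redirectAllow` attribute is whitespace-delimited, so `join(',')` assumes the container image splits on commas; that is not visible in this diff and is worth confirming. An entry containing a single quote would also end the `-e '...'` quoting inside `PODMAN_ARGS`.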
diff --git a/templates/hydra-remote-user.yml.j2 b/templates/hydra-remote-user.yml.j2
index 6d320c5..ca8faf0 100644
--- a/templates/hydra-remote-user.yml.j2
+++ b/templates/hydra-remote-user.yml.j2
@@ -1,6 +1,3 @@
remote_user:
- subject_header: subject-id
- headers_attributes_mapping:
- - header: mail
- attribute: email
- required: true
\ No newline at end of file
+ subject_header: "{{ hydra_saml_subject_header }}"
+ headers_attributes_mapping: {{ hydra_saml_headers_attributes_mapping | to_json }}
\ No newline at end of file
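Review bot: `subject_header` is interpolated raw between double quotes while the next line serialises its value with `to_json`, so a header name containing `"` or a backslash would produce invalid or altered YAML. Using the same filter on both lines escapes the value and keeps them consistent: `subject_header: {{ hydra_saml_subject_header | to_json }}`. Because these headers carry the authenticated identity, it is also worth confirming, outside this diff, that the fronting proxy drops any client-supplied copies of the subject header and the mapped headers before requests reach the remote-user app.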
diff --git a/templates/shibboleth-attribute-map.inc.xml.j2 b/templates/shibboleth-attribute-map.inc.xml.j2
index 261c341..a9027d9 100644
--- a/templates/shibboleth-attribute-map.inc.xml.j2
+++ b/templates/shibboleth-attribute-map.inc.xml.j2
@@ -1,2 +1,3 @@
-
-
\ No newline at end of file
+{% for item in saml_attributes %}
+
+{% endfor %}
\ No newline at end of file