Attribute question

Mike Flynn shibbolethlynda at yahoo.com
Fri Nov 4 20:06:28 GMT 2011


I meant the Idp.  I hate you Max.



________________________________
From: Mike Flynn <shibbolethlynda at yahoo.com>
To: Shib Users <users at shibboleth.net>
Sent: Friday, November 4, 2011 12:39 PM
Subject: Re: Attribute question


Thanks.  I passed this on to the SP.


________________________________
From: Peter Schober <peter.schober at univie.ac.at>
To: users at shibboleth.net
Sent: Friday, November 4, 2011 12:21 PM
Subject: Re: Attribute question

* Mike Flynn <shibbolethlynda at yahoo.com> [2011-11-04 20:19]:
> <saml:Attribute Name="EPPN" 
>
 NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:basic"><saml:AttributeValue
> xsi:type="xs:string">hermanw at qualcomm.com</saml:AttributeValue></saml:Attribute>
> 
> So it *looks* like it is being passed...
> 
> Can anyone shed light on why it is not getting through?

"Basic" attribute names are:
1. Not recommended (because there usually is no specification of
   syntax or semantics)
2. Not mapped by default in the Shib SP, but before you do consider:
3. Not legal for eduPerson-defined attributes. The only legal way to
   represent this attribute is specified in the MACE-Dir SAML
   Attribute Profiles. In short for most attributes this means using
   URI name format and urn:oid: attribute names.
-peter
--
To unsubscribe from this list send an email to users-unsubscribe at shibboleth.net



--
To unsubscribe from this list send an email to users-unsubscribe at shibboleth.net
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://shibboleth.net/pipermail/users/attachments/20111104/f99f8c5c/attachment-0001.html 


More information about the users mailing list