"non-NameID-valued attribute" for hashed NameID
Cantor, Scott
cantor.2 at osu.edu
Fri Nov 18 15:15:12 GMT 2011
On 11/18/11 10:06 AM, "Peter Schober" <peter.schober at univie.ac.at> wrote:
>
>That's what I thought explained the message but I was failing to see
>why the other SP running the same release could then work just fine
>doing exactly that for quite a while.
>Well, it seems on the SP where it worked as intended I never updated
>the attribute-policy.xml with the new "persistent-id" rule from
>attribute-policy.xml.dist.
I keep thinking maybe I need to provide some hook to allow filtering rules
to be updated by upgrades. Like maybe have a filter policy file that is
config(replace) and if you leave a reference to that in shibboleth2.xml,
you'd get whatever default rules come with the upgrade, or if you want to
just control it yourself, you take out that default reference.
-- Scott
More information about the users
mailing list