Persistent Assertion/Subject/NameID from LDAP Attribute
Cantor, Scott
cantor.2 at osu.edu
Fri Aug 10 10:37:31 EDT 2012
On 8/10/12 12:05 AM, "Henry B. Hotz" <hotz at jpl.nasa.gov> wrote:
>
>If that's what's wanted by a specific SP, shouldn't the <NameIDFormat>
>metadata make it unnecessary to to put a preference in the RelyingParty?
I believe the IdP does look at that, yes. No other implementations of SAML
will, FWIW.
>Just asking. Everything's working now, but I need to clean things up a
>bit.
The preference rule in relying-party.xml was added to make it cleaner to
unilaterally control the format used without having to use odd-looking
filter policies. Normally you don't control the SP's metadata so
manipulating that isn't the approach generally used.
-- Scott
More information about the users
mailing list