[Cantor, Scott]

On 7/17/12 5:36 PM, "Rob Whitener" <rob.whitener at audaxhealth.com> wrote:
>
>I have what I hope is a quick question regarding SP configuration and the
>NameID format settings.  Our partner has indicated that they will be
>sending a NameID with a format of transient.  Sounds good to us.
>Recently, they have come back and said that
> the metadata we have provided them indicates that we don't support the
>transient NameID format.  They believe that we need to configure our
>system to not include the following tags in the metadata.

If they want to be strict about it, that's fine. Add it to your metadata.
Problem solved.

>I have looked through the documentation and I can't really find too much
>documentation around configuring an SP to support transient NameID format.

There's nothing to configure. The SP doesn't care what the NameID is. You
decide what to extract out of assertions and if you want to extract the
NameID, you can do that. You would not do that with a transient generally.

>Is Shibboleth SP configured to use persistent nameId's out of the box by
>default, and if so do any of these configuration element govern that
>behavior?

None of that has anything to do with it. It isn't configured to do
anything by default but populate headers with certain types of
information. Those are defaults only and mean nothing to the SP in
particular.

-- Scott