targeted-id question

Mike Flynn shibbolethlynda at
Mon Feb 18 14:31:56 EST 2013

I do not think I have safeHeaderNames turned on as persistent-id passes as http_persistent-id like this:

Attributes displayName: Lynda Test persistent-id:!!1n43OwhUMrCrg0s8FNn/LAFm/uQ=
Is the issue then NameIDFromScoped ?

 From: "Cantor, Scott" <cantor.2 at>
To: Shib Users <users at> 
Sent: Monday, February 18, 2013 11:01 AM
Subject: Re: targeted-id question
On 2/18/13 12:52 PM, "Mike Flynn" <shibbolethlynda at> wrote:

>targeted-id: on my protected
>resource I then expect to see http_targeted-id in the request headers but
>it is not there.  I have asked them to switch to persistent-id for this
>but apparently they have some challenge with that...(stupid Ymail

Firstly, please review all of this:

You don't need to process the bogus syntax, you can uncomment the
NameIDFromScoped decoder so that it converts them to the proper form and
matches all the other IdPs you deal with.

Secondly, your problem is the safeHeaderNames option that collapses
punctuation. "targeted-id" would be HTTP_TARGETEDID.

-- Scott

To unsubscribe from this list send an email to users-unsubscribe at
-------------- next part --------------
An HTML attachment was scrubbed...

More information about the users mailing list