shibbolethlynda at yahoo.com
Mon Feb 18 14:52:30 EST 2013
Well, I forced my side to log the headers. This is what I got:
So it's passed as HTTP_TARGETED_ID
From: "Cantor, Scott" <cantor.2 at osu.edu>
To: Shib Users <users at shibboleth.net>
Sent: Monday, February 18, 2013 11:37 AM
Subject: RE: targeted-id question
> I do not think I have safeHeaderNames turned on as persistent-id passes as
> http_persistent-id like this:
Those are internal names directly from the attribute map, not the header names used on export.
I don't know what API you use or anything about its requirements. The information I have is in the https://wiki.shibboleth.net/confluence/display/SHIB2/secadv_20090615 wiki topic on what's safe and what isn't. But safeHeaderNames is in all the configs by default, unless it's an older one that predates the option.
To unsubscribe from this list send an email to users-unsubscribe at shibboleth.net
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the users