targeted-id question
Mike Flynn
shibbolethlynda at yahoo.com
Mon Feb 18 15:28:45 EST 2013
OK, I will un-comment the rule and comment out the old one I guess.
________________________________
From: "Cantor, Scott" <cantor.2 at osu.edu>
To: Shib Users <users at shibboleth.net>
Sent: Monday, February 18, 2013 12:25 PM
Subject: Re: targeted-id question
On Feb 18, 2013, at 2:59 PM, Mike Flynn <shibbolethlynda at yahoo.com> wrote:
> Mine must be older as my ISAPI stanza looks like this:
Yes, so aside from just obviously making sure that not using safe names is, well, safe, you do indeed get the header name as HTTP_TARGETED_ID.
The point is, I would not store/manage them serialized as value at scope, which is simply wrong. The optional decoder that's commented out fixes that difference and can format them as though they were sent correctly, which means you're insulated from the IdP being broken.
-- Scott
--
To unsubscribe from this list send an email to users-unsubscribe at shibboleth.net
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://shibboleth.net/pipermail/users/attachments/20130218/d2b5901b/attachment.html
More information about the users
mailing list