NameId question
Brewer, Edward L
lee.brewer at Vanderbilt.Edu
Tue Feb 26 15:47:35 EST 2013
Scott,
Thanks for the follow up. I included the encoding for EPPN just to validate that the attribute was created correctly. When I configure my production environment I will exclude that encoder and will actually only release the attribute listed as concurnameid to that one SP. Since they will not give me metadata and I had to create it for them, I hold the controls.
Thanks again,
Lee Brewer
-----Original Message-----
From: users-bounces at shibboleth.net [mailto:users-bounces at shibboleth.net] On Behalf Of Cantor, Scott
Sent: Tuesday, February 26, 2013 2:03 PM
To: Shib Users
Subject: Re: NameId question
On 2/26/13 2:59 PM, "Brewer, Edward L" <lee.brewer at Vanderbilt.Edu> wrote:
>Scott,
>
>Thanks! I was able to make it work doing the following
>
>I created these two entries in the attribute resolver
I think your second one is technically broken, but you wouldn't notice unless you did SAML 1.1. Then the EPPN would be encoded improperly as an attribute with the scope inline instead of separated out into an XML attribute, but you may not need that.
-- Scott
--
To unsubscribe from this list send an email to users-unsubscribe at shibboleth.net
More information about the users
mailing list