ServiceNow Multi-Provider SSO integration follow-up

Paul B. Henson henson at csupomona.edu
Fri Jul 11 23:37:39 EDT 2014


On Thu, Jul 10, 2014 at 09:28:09PM -0700, David Langenberg wrote:

>    No, it's not hard at all, but not having to send a custom NameID cuts
>    down on the number of custom relying-party entries in my
>    relying-party.xml. Â A worthy rock to trip over so long as Service-Now
>    views this as a feature rather than a bug.

Well, it still need a relying party kludge as it doesn't support
attribute encryption :(. But I was able to get rid of the extra
nameid attribute definition in the attribute resolver config, and have
the attribute filter just allow the existing attribute rather than
explicitly denying the transientid and allowing the kluged nameid.


-- 
Paul B. Henson  |  (909) 979-6361  |  http://www.csupomona.edu/~henson/
Operating Systems and Network Analyst  |  henson at csupomona.edu
California State Polytechnic University  |  Pomona CA 91768


More information about the users mailing list