Tracing edupersontargetedid to usernames
Morris, Andi
amorris at cardiffmet.ac.uk
Sat May 24 08:00:21 EDT 2014
Thanks,
Would the assertion ID be found in the process.log and then in turn leading to the user ID or would that be somewhere else?
Cheers,
Andi
________________________________________
From: users-bounces at shibboleth.net [users-bounces at shibboleth.net] on behalf of Cantor, Scott [cantor.2 at osu.edu]
Sent: 23 May 2014 16:03
To: Shib Users
Subject: Re: Tracing edupersontargetedid to usernames
On 5/23/14, 10:44 AM, "Morris, Andi" <amorris at cardiffmet.ac.uk> wrote:
>I¹ve received a request to trace a username that accessed a resource
>authenticated by our Shibboleth IDP, and the user ID given by the remote
>supplier is (as expected) the eduPersonTargetedID. Is there any way I can
>trace that value to
> an internal user here? I can¹t seem to find anything in the shibboleth
>logs.
There isn't anything, but you can get the assertion ID from the SP and
then track back with that.
Using hashing as a strategy presupposes to some degree you don't have this
use case. That was one of the reasons we pushed the database approach, and
eventually after it was clear that wasn't going to result in anybody using
a database, we just decided to stop arguing over it because the number of
cases where people needed this was rare.
-- Scott
--
To unsubscribe from this list send an email to users-unsubscribe at shibboleth.net
More information about the users
mailing list