Attribute name with "dot"

Peter Schober peter.schober at univie.ac.at
Fri Sep 12 10:53:43 EDT 2014


* Cantor, Scott <cantor.2 at osu.edu> [2014-09-11 23:56]:
> On 9/11/14, 5:14 AM, "Dave Perry" <Dave.Perry at hull-college.ac.uk> wrote:
> >Old topic but... staff email addresses here now have a . in - it didn't
> >seem to break the IdP or our SP on our moodle instance which uses
> >shibboleth SSO for some users (we were going to switch everyone on LDAP
> >to Shibb, but have hit a problem with SSO to/from another of our websites
> >when shibboleth is used - so that switch is on hold).
> 
> Dots in values are very different than dots in attribute names.

And on the wire basically all attribute names have dots in them (URNs
with OIDs, URLs), unless you're using "basic" nameFormat (which you
shouldn't).
So the original question was probably only about naming of "id" values
inside the IDP's attribute resolver and filter, not about anything
you'd send elsewhere. So any breakage would be confined to the IDP
itself, too.
-peter


More information about the users mailing list