where is transientId in SAML assertion
Kevin Foote
kpfoote at uoregon.edu
Wed Sep 24 19:22:56 EDT 2014
On Sep 24, 2014, at 2:53 PM, David Bantz <dabantz at alaska.edu> wrote:
> A different vendor is unable to properly interpret the SAML assertion from my IdP,
> and I haven’t been able to fathom why not, but notice that despite parallel
> debug log entries that transientId will be used to construct NameID, a corresponding
> NameID is not in the Subject. Instead there’s an EncryptedID.
David,
Check your relying-party.xml for the ProfileConfiguration of the profile you are using, presumably SAML2SSOProfile
Is this set? encryptNameIds=“conditional”
And what is their end asking for?
--------
thanks
kevin.foote
More information about the users
mailing list