The definition of principal
Mike Flynn
shibbolethlynda at yahoo.com
Fri Sep 26 10:54:48 EDT 2014
I am currently having a conversation with SuccessFactors / BizX with regard to their requiring that we use nameID as a unique, immutable ID token for the user. Typically we use things like targeted-id/eppn/UID etc - Attributes passed to us. I am trying to understand the following:
Is this appropriate?If appropriate, can I configure my SP (v2.3.1) to pass nameID to the protected resource in some fashion? Should I expect Successfactors to pass it as an attribute?
Thanks
On Thursday, September 25, 2014 12:40 PM, Mike Flynn <shibbolethlynda at yahoo.com> wrote:
In the OASIS docs, I see this:
The optional <Subject> element specifies the principal that is the subject of all of the (zero or more)statements in the assertion.
In the glossary it is defined as this:
A system entity whose identity can be authenticated. [X.811]
What exactly is meant by system entity? Does the principal in an assertion have any association with the user specific data being passed as attributes?
Thanks.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://shibboleth.net/pipermail/users/attachments/20140926/fc0c5665/attachment.html
More information about the users
mailing list