Google Apps with IdP v3 not working
Cantor, Scott
cantor.2 at osu.edu
Wed Aug 26 09:37:40 EDT 2015
On 8/26/15, 9:00 AM, "users on behalf of Dave Perry" <users-bounces at shibboleth.net on behalf of Dave.Perry at hull-college.ac.uk> wrote:
>I tried uncommenting the 'old' NameID generators in saml-nameid.properties, uncommenting the beans in the .xml file, and specifying (in the .properties file):
>idp.persistentId.generator = shibboleth.SAML2AttributeSourcedGenerator
That would be inappropriate for a SAML persistent ID, which Google doesn't support anyway.
That bean is for generating custom NameID formats (including "unspecified") based on an attribute. The property there is for specifying how to generate a SAML persistent format NameID.
>And added the unspecified name format bean 'fix' from that wiki page into relying-party.xml.
If you need to use that format, using the nameIDFormatPrecedence property is the best way to do that at the moment. Whether you generate that format with the resolver (old) or the new custom format approach is a separate choice. Either works. You cannot *possibly* break any other SP by following that approach because it has no affect on the format selection of any other SP.
-- Scott
More information about the users
mailing list