Release NameID as UID

Cantor, Scott cantor.2 at osu.edu
Sat Sep 5 19:14:09 EDT 2015


On 9/5/15, 6:42 PM, "users on behalf of Johan Åkerstrøm" <users-bounces at shibboleth.net on behalf of Johan.Akerstrom at skill.no> wrote:

>Action AddNameIDToSubjects: Trying to generate NameID with Form
>at urn:oasis:names:tc:SAML:1.1:nameid-format:X509SubjectName

Is there some reason you're using that format?

>2015-09-06 00:38:53,004 - ERROR [org.opensaml.saml.saml2.profile.impl.AddNameIDToSubjects:404] - Profile Action AddNameIDToSubjects: Error while generating NameID
>org.opensaml.saml.common.SAMLException: Invalid NameIdentifierGenerationService configuration
>        at 

Well, you made the configuration unloadable, and it should tell you why in the log where it will track the loading of the configuration.

>Here is my saml-nameid.xml:

I don't think that's the entire configuration, but you created an error in it somewhere.

>Here is my saml-nameid.properties:
>
>	idp.persistentId.generator = shibboleth.SAML2AttributeSourcedGenerator
>	idp.nameid.saml2.default = urn:oasis:names:tc:SAML:1.1:nameid-format:X509SubjectName
>	idp.persistentId.sourceAttribute = customId

None of that makes sense. You need to undo all of that and stop changing all those settings. There is nothing in that file you need to change, and there is no documentation telling you to change it.

-- Scott



More information about the users mailing list