Blackboard Transact and IdP 3
cantor.2 at osu.edu
Tue May 24 15:39:26 EDT 2016
> There's no support by default to query on anything but transients.
> which is what the Transact SP receives in the first SAML response, and then
> uses in the attribute query; the transient nameid happens to be
> orthographically equivalent to unencrypted ePPN, but encoded as a transient
> name ID and included the SAML authN response as such
That wouldn't work, that's what I'm saying. The PrincipalConnector that is there by default only handles a transient NameID that can be reversed by mapping in memory back to the real user. A real EPPN would just be seen as an unmappable ID.
More information about the users