Blackboard Transact and IdP 3

Cantor, Scott cantor.2 at
Tue May 24 15:39:26 EDT 2016

> There's no support by default to query on anything but transients.
> which is what the Transact SP receives in the first SAML response, and then
> uses in the attribute query; the transient nameid happens to be
> orthographically equivalent to unencrypted ePPN, but encoded as a transient
> name ID and included in the SAML authN response as such

That wouldn't work, that's what I'm saying. The PrincipalConnector that is there by default only handles a transient NameID that can be reversed by mapping in memory back to the real user. A real EPPN would just be seen as an unmappable ID.

-- Scott

