Help setting NameID
Adam von Nieda
adam at vonnieda.org
Fri Jun 9 09:49:58 EDT 2017
Thanks Scott. I’m on Linux / Apache, Shibboleth 2.6
So in the transaction.log, I see the following
.. at (ClientAddress: 10.9.231.220) with (NameIdentifier: AvonNieda)
and I need the value of NameIdentifier (AvonNieda) to be set as REMOTE_USER. Should it be as simple as changing the following in shibboleth2.xml
REMOTE_USER="eppn persistent-id targeted-id"
to
REMOTE_USER="NameIdentifier"
or is there something more that needs to happen? Do I need to set that up in the attribute-map.xml as well? I’ve tried a few things and clearly I’m getting it wrong, because REMOTE_USER is not getting set.
Thanks,
-Adam
--
Adam von Nieda
Adam at vonNieda.org
> On Jun 8, 2017, at 4:27 PM, Cantor, Scott <cantor.2 at osu.edu> wrote:
>
>> Would there be a way that I can map NameIdentifier to a REMOTE_USER
>> HTTP (or any) header variable? I’ve found references but I don’t quite
>> understand how to implement.
>
> The rule in attribute-map is what maps the incoming value into its local variable name. If you want REMOTE_USER set, and you're not on IIS, tell it to use that local variable name in the REMOTE_USER setting in shibboleth2.xml in place of the ones it looks at by default. If you're on IIS, you cannot rely on REMOTE_USER at present.
>
> -- Scott
>
> --
> To unsubscribe from this list send an email to users-unsubscribe at shibboleth.net
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://shibboleth.net/pipermail/users/attachments/20170609/feb200a1/attachment.html>
More information about the users
mailing list