Activation condition for multiple SPs
Lalith Jayaweera
ljayaweera at gmail.com
Wed May 17 02:03:45 EDT 2017
In saml-nameid.xml, for single SP, the activation Condition works with the
tag c:candidate
However given we got multple SPs with same nameID requirements, I coded an
activation condition with c:candidates in In saml-nameid.xml and listed the
SPs, this does not work
Do I have to define anything else.
<bean parent="shibboleth.SAML2AttributeSourcedGenerator"
p:format="urn:oasis:names:tc:SAML:1.0:nameid-format:unspecified"
p:attributeSourceIds="#{ {'uid'} }">
<property name="activationCondition">
<bean parent="shibboleth.Conditions.RelyingPartyId"
c:candidates="#{{'https://sample.SP.one.com','https://sample.SP.two.com'}}"
/>
</property>
</bean>
also in relyingparty.xml as follows
<bean parent="RelyingPartyByName" c:relyingPartyIds="#{{'
https://sample.SP.one.com','https://sample.SP.two.com'}}">
<property name="profileConfigurations">
<list>
<bean parent="SAML2.SSO" p:encryptAssertions="false"
p:signAssertions="true" p:signResponses="false"
p:nameIDFormatPrecedence="urn:oasis:names:tc:SAML:1.0:nameid-format:unspecified"/>
</list>
</property>
</bean>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://shibboleth.net/pipermail/users/attachments/20170517/160ef35b/attachment.html>
More information about the users
mailing list