Subject NameID format question
Peter Schober
peter.schober at univie.ac.at
Wed Nov 13 15:11:24 EST 2019
* Aterea Brown <atbrown at aut.ac.nz> [2019-11-13 20:30]:
> Typically I use the file saml-nameid.xml to set the persistent id generator to use the specified format.
> you then only need to release the actual attribute to the sp. So in
> this cause you would have a clause in attribute-filter.xml that
> releases eMailAddress.
That's fine.
> Then in the saml-nameid.xml you could have 2 entries for the sp.
There should be no need for that.
> you wil lneed an entry that will tell the generator not to use the default method.
> then an entry that says for entityid blah use method xyz.
Neither for that.
Following the documentation on NameID format selection would be my
recommendation. Most often the best and easiest way to configure
NameID selection is adjusting the SP's metadata, at least in cases
where you have to manage that locally anyway.
-peter
More information about the users
mailing list