urn:oasis:names:tc:SAML:2.0:nameid-format:persistent
Joshua Brodie
josbrodie at gmail.com
Wed Aug 5 23:23:49 UTC 2020
Hi List:
Been away for few weeks on another project and my brain is back on SAML.
In v3.4.7, we have the following:
idp.persistentId.generator = shibboleth.StoredPersistentIdGenerator
Where it generates the eduPersonTargetedID based on a seed/salt pair.
But we now need to make the value sent under
'urn:oasis:names:tc:SAML:2.0:nameid-format:persistent' dynamic. A SP is
requesting 'mail' as 'urn:oasis:names:tc:SAML:2.0:nameid-format:persistent'.
I thought I could override the source attribute via 'saml-nameid.xml' --
but can't seem to. urn:oasis:names:tc:SAML:2.0:nameid-format:persistent
always resorts to the eduPersonTargetedID value.
I am certain I am missing something. But not so sure where.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://shibboleth.net/pipermail/users/attachments/20200805/327de2df/attachment.htm>
More information about the users
mailing list