oasis:names:tc:SAML:2.0:nameid-format:persistent
Cantor, Scott
cantor.2 at osu.edu
Wed Aug 5 23:37:59 UTC 2020
On 8/5/20, 7:24 PM, "users on behalf of Joshua Brodie" <users-bounces at shibboleth.net on behalf of josbrodie at gmail.com> wrote:
> In v3.4.7, we have the following:
>
> idp.persistentId.generator = shibboleth.StoredPersistentIdGenerator
>
> Where it generates the eduPersonTargetedID based on a seed/salt pair.
No, that's the database back-end. Computed is the one that generates them.
> But we now need to make the value sent under 'urn:oasis:names:tc:SAML:2.0:nameid-format:persistent' dynamic. A
> SP is requesting 'mail' as 'urn:oasis:names:tc:SAML:2.0:nameid-format:persistent'.
That's completely invalid. You aren't meant to do it.
-- Scott
More information about the users
mailing list