How can I map "unspecified" nameIds to "emailAddress"?
Curtis Lacy
clacy at lotame.com
Mon Jun 1 15:06:40 UTC 2020
Hi, I'm having trouble getting Single Log Out (SLO) to work with
Salesforce. Logging in is working. When I try to log out, though, IdP4
logs an error:
A non-proceed event occurred while processing the request: SessionNotFound
I connected a remote debugger and the problem appears to be that salesforce
is only including the "unspecified" user name format, and Shibboleth does
not recognize it as equivalent to what it has stored in the sp session,
which is "emailAddress" (in this case, the SP is sending the email address
in the logout request).
Is there a way to configure Shibboleth to simply use the value it has as an
"unspecified" value?
Thanks,
Curtis
--
The information transmitted in this email is intended only for the
person(s) or entity to which it is addressed and may contain confidential
and/or privileged material. Any review, retransmission, dissemination or
other use of, or taking of any action in reliance upon, this information by
persons or entities other than the intended recipient is prohibited. If you
received this email in error, please contact the sender and permanently
delete the email from any computer.
Nothing in this email is intended to
bind Lotame, which only operates under the terms of written agreements
signed by an authorized officer.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://shibboleth.net/pipermail/users/attachments/20200601/e3ed0bfa/attachment.htm>
More information about the users
mailing list