Shibboleth/apache/O365 Azure/Reverse Proxy
Peter Schober
peter.schober at univie.ac.at
Wed May 13 16:15:22 UTC 2020
* Cantor, Scott <cantor.2 at osu.edu> [2020-05-13 18:06]:
> FWIW, the reason you're not getting the NameID mapped in, which I
> think is what you're actually asking here, is that your rule is
> wrong:
>
> <Attribute name="emailAddress"
> nameFormat="urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress"
> id="emailAddress">
> etc...
>
> That's not how you map in a NameID. The correct mapping rule is
>
> <Attribute name="urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress"
> id="emailAddress">
> etc....
Filling in the "etc" above:
<Attribute name="urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress" id="email-id">
<AttributeDecoder xsi:type="NameIDAttributeDecoder" formatter="$Name" />
</Attribute>
-peter
More information about the users
mailing list