ValueConfiguration differs from IdP v3.x to v4.x?
Marco Malavolti
marco.malavolti at garr.it
Sat May 16 23:07:35 UTC 2020
Thank you so much Scott!
I'll treasure your advice!
Best regards and stay safe!!!
:-)
--
Marco Malavolti
Consortium GARR - Servizio IDEM GARR AAI
Via dei Tizii, 6 - I-00185 (ROMA)
CF: 97284570583 - PI:07577141000
Mobile: +39 331 608 3639
Skype: marco.mala
PGP KEY: https://keys.openpgp.org/search?q=marco.malavolti@garr.it
Il 16/05/20 19:37, Cantor, Scott ha scritto:
> Also, to clarify what might be happening here...
>
> With V4, the AttributeInMetadata rule is driven by the new Attribute Registry service, which uses a lot of built-in rules to auto-decode SAML Attribute syntax back into local attribute names that would then match up with what you were doing in the IdP.
>
> I would maybe suspect that the issue is that In V3, it wasn't reverse mapping the SP's RequestedAttribute into the "eduPersonEntitlement" name for some reason, and that was preventing the release.
>
> You still had the same declared "intent" in the old version, but it wasn't happening, which coincidentally was better than actually honoring what you told it to do.
>
> It might be useful to dig into why it wasn't reverse mapping it before, but in the end, the point is that the new version is more advanced and capable at that step.
>
> -- Scott
>
>
More information about the users
mailing list