Disable NameIDGenerator for specificy relyingParty

Ignacio Amoeiro Bosch ignacio.amoeiro at extern.ibsalut.es
Fri May 22 06:48:19 UTC 2020


I'm trying to disable NameIDGenerator for an specific Relying Party Id unsucessfully.

What I have tried, is in saml-nameid.xml added:

    <bean parent="shibboleth.SAML2PersistentGenerator">
                <property name="activationCondition">
                    <bean parent="shibboleth.Conditions.NOT">
                            <bean parent="shibboleth.Conditions.RelyingPartyId" c:candidate="urn:federation:MicrosoftOnline" />

Just after  <ref bean="shibboleth.SAML2PersistentGenerator" />

What I'm doing wrong?

As a workaround, I have filtered the sourceAttribute used by the SAMLPersitentGenerator in attribute-filter.xml


More information about the users mailing list