Disable NameIDGenerator for specificy relyingParty
Ignacio Amoeiro Bosch
ignacio.amoeiro at extern.ibsalut.es
Fri May 22 06:48:19 UTC 2020
Hello,
I'm trying to disable NameIDGenerator for an specific Relying Party Id unsucessfully.
What I have tried, is in saml-nameid.xml added:
<bean parent="shibboleth.SAML2PersistentGenerator">
<property name="activationCondition">
<bean parent="shibboleth.Conditions.NOT">
<constructor-arg>
<bean parent="shibboleth.Conditions.RelyingPartyId" c:candidate="urn:federation:MicrosoftOnline" />
</constructor-arg>
</bean>
</property>
</bean>
Just after <ref bean="shibboleth.SAML2PersistentGenerator" />
What I'm doing wrong?
As a workaround, I have filtered the sourceAttribute used by the SAMLPersitentGenerator in attribute-filter.xml
Regards
More information about the users
mailing list