Disable NameIDGenerator for specificy relyingParty

Ignacio Amoeiro Bosch ignacio.amoeiro at extern.ibsalut.es
Fri May 22 18:24:56 UTC 2020 

Hi,

I  swaped, but still not working. It is still triggering the Persistentent generator instead of the AtributeSourcedGenerator.



This is the list content:


  <util:list id="shibboleth.SAML2NameIDGenerators">

            <bean parent="shibboleth.SAML2PersistentGenerator">
                <property name="activationCondition">
                    <bean parent="shibboleth.Conditions.NOT">
                        <constructor-arg>
                            <bean parent="shibboleth.Conditions.RelyingPartyId" c:candidate="urn:federation:MicrosoftOnline" />
                        </constructor-arg>
                    </bean>
                </property>
            </bean>


        <ref bean="shibboleth.SAML2PersistentGenerator" />


    <bean parent="shibboleth.SAML2AttributeSourcedGenerator"
              p:format="urn:oasis:names:tc:SAML:2.0:nameid-format:persistent"
              p:attributeSourceIds="#{ {'ImmutableID'} }">
        <property name="activationCondition">
            <bean parent="shibboleth.Conditions.RelyingPartyId" c:candidate="urn:federation:MicrosoftOnline" />
        </property>
    </bean>



    </util:list>



-----Mensaje original-----
De: users <users-bounces at shibboleth.net> En nombre de Cantor, Scott
Enviado el: viernes, 22 de mayo de 2020 20:13
Para: Shib Users <users at shibboleth.net>
Asunto: Re: Disable NameIDGenerator for specificy relyingParty

On 5/22/20, 1:54 PM, "users on behalf of Ignacio Amoeiro Bosch" <users-bounces at shibboleth.net on behalf of ignacio.amoeiro at extern.ibsalut.es> wrote:

> Should I move the activationCondition block before the      <ref bean="shibboleth.SAML2PersistentGenerator" /> ?

Yes. Lists are always ordered. That's why they're expressed as a list and not a set or some other unordered collection type.

-- Scott


-- 
For Consortium Member technical support, see https://ddec1-0-en-ctp.trendmicro.com:443/wis/clicktime/v1/query?url=https%3a%2f%2fwiki.shibboleth.net%2fconfluence%2fx%2fcoFAAg&umid=93065d65-44f5-48b6-a8f3-de050acfb3a0&auth=1c980b950b810d2ebe959a136e6fc6796ec23183-de38232b991b77df91b7aebe02225c5854afdefb
To unsubscribe from this list send an email to users-unsubscribe at shibboleth.net

More information about the users mailing list