Fwd: Installing Shibboleth idp3 with hubspot as sp: Getting Saml response status code InvalidNameIDPolicy
Peter Schober
peter.schober at univie.ac.at
Fri Jun 4 16:00:06 UTC 2021
* Peter Schober <peter.schober at univie.ac.at> [2021-06-04 17:48]:
> That means your IDP is not configured to produce NameIDs of that format.
This.
> > Note that I didn't change saml-nameid.xml but I
> > changed saml-nameid.properties:
> > idp.nameid.saml2.default =
> > urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress
>
> A *very* bad idea (setting that as default), but also quite obviously
> it didn't take, otherwise the IDP wouldn't be throwing that error?
I missed that changing the default is no replacement for telling the
IDP what to put into the NameID. I.e., you'd still need to configure
saml-nameid.xml appropriately.
-peter
More information about the users
mailing list