Request specified use of an unsupportable identifier format: urn:mace:shibboleth:1.0:nameIdentifier

Wed Jun 9 18:00:21 UTC 2021

Ah, ok. Thanks for the info. I'd like to explain the issue to the SP but it
sounds like urn:mace:shibboleth:1.0:nameIdentifier is the name Shib uses
for that format. Is there platform-agnostic terminology to refer to that
request format that the SP operators would (hopefully) recognize?

Also, just out of curiosity, since there are no required Name ID formats in
the SP's metadata, how does the IdP know that it's requiring
urn:mace:shibboleth:1.0:nameIdentifier?

Appreciate the help,
Jason

On Wed, Jun 9, 2021 at 12:03 PM Cantor, Scott <cantor.2 at osu.edu> wrote:

> On 6/9/21, 11:57 AM, "users on behalf of Jason Rotunno" <
> users-bounces at shibboleth.net on behalf of jrotunno at swarthmore.edu> wrote:
>
> > Can anyone perhaps provide some insight that might help me get this
> working?
>
> You don't. They have a bug and need to discontinue making mandatory
> requests for that format, that's a SAML 1.1 only thing and is essentially a
> dead issue. A SAML 2.0 request cannot request that format and there is
> nothing you should do to make it work.
>
> -- Scott
>
>
> --
> For Consortium Member technical support, see
> https://wiki.shibboleth.net/confluence/x/coFAAg
> To unsubscribe from this list send an email to
> users-unsubscribe at shibboleth.net
>

-- 

Jason Rotunno
System & Security Administrator
Swarthmore College
500 College Ave
Swarthmore, PA 19081
610.328.8505

*VERIFY before you click!!*
  - Attackers make their emails look like they come from someone they don't.
  - Attackers make links look like they go to websites they don't.
  - Attackers disguise malware as receipts, invoices, faxes, etc.

Forward suspicious emails to phishing at swarthmore.edu.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://shibboleth.net/pipermail/users/attachments/20210609/741af1be/attachment.htm>