Resolving attributes from a SAML proxy
cantor.2 at osu.edu
Fri Oct 8 16:02:53 UTC 2021
Well, you have to get rid of the warning obviously, so something's wrong with the rule. Is the Attribute NameFormat what you think it is? I don't know what Microsoft actually does.
Pre-requesting attributes is about using attributes in activation conditions inside the resolver. If you're not doing that, you have no reason to be dealing with that.
In addition, the authnContextTranslationStrategyEx hook is a Function, not a Predicate. You can't plug in a Predicate there, but if you did it would just break outright and not even load, so I don't think that's what you're actually doing, or you're missing something else in the log. If that were plugged into relying-party.xml, that service would be failing to start up.
The rule/warning issue is obviously the main thing though. Other than the NameFormat not being right or some kind of typo in the name, I don't know what else would break it.
More information about the users