Using a different SP entity ID with the IdP SAML authn flow

Wessel, Keith kwessel at
Mon Sep 20 20:30:19 UTC 2021

Ah. Well, Duh. That thought crossed my mind as I was typing that last note.

So, essentially, the opposite of what I did in the SP entity ID selection. Instead of creating a string to return, I create a principal, set its name to, then add it to a singletonList collection and return that. Is that the basic idea?


-----Original Message-----
From: users <users-bounces at> On Behalf Of Cantor, Scott
Sent: Monday, September 20, 2021 3:20 PM
To: Shib Users <users at>
Subject: Re: Using a different SP entity ID with the IdP SAML authn flow

On 9/20/21, 4:01 PM, "users on behalf of Wessel, Keith" <users-bounces at on behalf of kwessel at> wrote:

>    What is the second parameter to this function, the collection of principals, for?

That's not a second parameter, it's the return value. You return Collections.singletonList() around an AuthnContextClassRefPrincipal with the right string in it.

-- Scott

For Consortium Member technical support, see;!!DZ3fjg!v4xZ9p65TcUfQfJ0NJv5Mspc3XN2HsKCUupguwaE9G0teho9XSqJShS7PerIgcBtkw$ 
To unsubscribe from this list send an email to users-unsubscribe at

More information about the users mailing list